I gather you’re talking about a Cordova app. Your server is running on localhost, and that’s what WKWebView is loading, not your .com domain. So this is a way to associate your app with a domain for Apple’s password manager.
I have the same problem, albeit I first noticed it with LastPass. I imagine any password manager would have a hard time with a WKWebView.
Just guessing here, but my thought is that this “Associated Domains” setting (which I can’t find in my Xcode apparently because I need to create a Developer Account first) doesn’t affect what’s inside WKWebView. I’ve found this to be true of other things about WKWebView – like it’s running in its own little sandbox that doesn’t necessarily take on the attributes or entitlements of the parent app.
I’d be interested in a solution to this as well since I’m spoiled by password managers these days and I’d like my app to be compatible with them too.
I wonder if cordova-plugin-app-scope might be a solution?