You misunderstood the JavaScript issue: if you built a JavaScript interpreter (which people of course have, and which most of these JITs have as a fallback already) and used that to make a browser, you still would not be allowed in the App Store because you are downloading new code and functionality for execution to execute in a scripting engine that did not come with the iPhone.
In my experience those rules can be bent a little bit, i.e. for an app that displays 3D graphics like an augmented reality application, it's generally fine to use Lua or JS to script those, even if the code is downloaded from the web. Of course you still can't jit this, but luckily I've found that JavaScriptCore and LuaJIT with the jit turned off are very fast on iDevices anyway.
The function of the rule is to prevent people from creating an alternative app platform. For example, one based on the Flash runtime where you could download new applications from within this app, thereby bypassing the app store.
> The function of the rule is to prevent people from creating an alternative app platform. For example, one based on the Flash runtime where you could download new applications from within this app, thereby bypassing the app store.
A full-fledged third-party browser would inevitably be an alternative app platform. In some ways, that's the point.
