I have Cordova application which displays external content with iframe (youtube embedded video in that case)
When clicking links inside the iframe (like the youtube logo), The whole webview is navigated to the youtube website, not just the iframe. (without ability to go back, you need to kill the app), the behaviour i want to prevent.
On android, the cordova plugin api exposes onOverrideUrlLoading method, which should be able to block unwanted navigations. (have't tested it myself yet)
I haven't found similar method on ios cordova classes, nor in ios webview api. but i'm not really familiar with ios.
I've also tried (on android & ios) iframe's sandbox attribute https://developer.mozilla.org/en/docs/Web/HTML/Element/iframe#attr-sandbox That works for preventing scripts (not that i need that atm, just to check if the attribute is doing something) but not to prevent the navigation (to enable navigation you should add allow-top-navigation and i didn't)
Use html5 sandbox attribute, while not allowing allow-top-navigation & allow-popups
Tested on: ios 8/7.1, android 4.4
In my previous check i've added allow-popups to the sandbox value