Intent whitelisting controls the URLs that the app is allowed to ask the system to open. By default, no external URLs are allowed. This whitelist does not apply to plugins, only hyperlinks and calls to window.open(). Also, you can allow specific intent, which can be accessed with the <allow-intent> property:
<allow-intent href="http://*/*" /><allow-intent href="https://*/*" /><allow-intent href="sms:*" /><allow-intent href="tel:*" /><!-- Allow all unrecognized URLs to open installed apps *NOT RECOMMENDED* --><allow-intent href="*" />
One important thing to note is you need to add the Content-Security-Policy meta tag inside index.html for Android to prevent showing this info message:
"No Content-Security-Policy meta ...