Switch to using sandboxed iframes for displaying attachments #6639
Description
matrix-org/matrix-react-sdk#1864 switches us from using data URIs to blobs for displaying e2e attachments (to fix #2678, #2866).
However, a much more robust solution would be to display them as object URLs within a sandboxed iframe - the same trick as proposed in #6173 for rendering secure download links.