Skip to content

Flask application redirects to empty “about:srcdoc” page when index (root path) is requested

I am working on a Flask web application. It has two iframes side-by-side and accesses a csv file. The file contains urls that, by using selenium .page_source(), will be loaded into the iframes using srcdoc. The page source is edited using beautiful soup 4 before being turned into a string and being sent to the frontend.

The issue I am facing right now is that, when I open the app (either locally or the version hosted on a virtual machine) SOMETIMES I am redirected to an empty page with “about:srcdoc” in the url bar. While it doesnt happen 100%, it occurs frequently enough to be a problem.

GitHub repo with code: https://github.com/MohamedMoustafaNUIG/AnnotatorVM

The flask application is annotator.py and the pages that load from the root are app/templates/index.html and app/templates/base.html

Code snippet from index.html

<div class="row" style="width: 100%; height: 80%; min-height: 600px;">
    <p align="center">Annotated Origins: {{fpo}} / {{tpo}} for this page and {{fto}} / {{tto}} in total</p>
    <div class="column left" style="width:50%; position: relative; display: inline-block; margin: 0; border: 0; padding: 0;">
        <h4><a id="cLink" href="{{t3}}" target="_blank">Fact Checking Article: </a></h4>
      <iframe id="cframe" style="display: block" width="100%" height="100%" srcdoc="{{t1}}"></iframe>
    </div>
    <div class="column right" style="width:50%; position: relative; display: inline-block; margin: 0; border: 0; padding:0;">
      <h4><a id="oLink" href={{t4}} target="_blank">Origin Candidate: </a></h4>
      <iframe id="oframe" style="display: block" width="100%" height="100%" srcdoc="{{t2}}"></iframe>
    </div>
</div>

Has anyone run into a similar problem before? It doesnt need to be when using flask, I just want to understand the logic behind redirecting to “about:srcdoc”. Any advice? Thank you in advance 🙂

EDIT: Nothing? I cant be the first one to ever face this problem.

Answer

It seems that some pages being displayed in the iframe where redirecting the parent page (my app) to about:srcdoc url. Solved this by sandboxing both iframes and restricting top-navigation only.