Fixed python & feature test failures caused by Werkzeug 3.1.7 rejecting empty Host header in CSRF token generation.

[anilsahoo20]

Summary by CodeRabbit

• Tests
  • Improved CSRF handling in test utilities: test requests now include a sensible default host and explicit HTTP scheme, and session cookies are saved more reliably. This makes cookie/session behavior in tests more closely match production.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 58917367-d2bc-42b3-88c8-e31e18e8954c

📥 Commits

Reviewing files that changed from the base of the PR and between 8534333 and 0073eeb.

📒 Files selected for processing (1)

• web/regression/python_test_utils/csrf_test_client.py

🚧 Files skipped from review as they are similar to previous changes (1)

• web/regression/python_test_utils/csrf_test_client.py

---

Walkthrough

generate_csrf_token() now sets WSGI environ overrides when creating the test request context: it forces wsgi.url_scheme to 'http' and sets HTTP_HOST from app.config.get("SERVER_NAME") (fallback 'localhost') before copying cookies and generating the CSRF token.

Changes

Cohort / File(s)	Summary
CSRF Test Client Configuration web/regression/python_test_utils/csrf_test_client.py	Updated generate_csrf_token() to derive server_name from self.app.config.get("SERVER_NAME") with a 'localhost' fallback, set wsgi.url_scheme to 'http', and populate HTTP_HOST in environ_overrides prior to adding cookies and generating the CSRF token.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title directly addresses the main change: fixing test failures by addressing Werkzeug's rejection of empty Host headers in CSRF token generation, which aligns with the code changes that set SERVER_NAME and HTTP_HOST.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@web/regression/python_test_utils/csrf_test_client.py`:
- Around line 97-98: Replace the hardcoded 'localhost' used for the 'HTTP_HOST'
header in the environ dictionary with a value derived from the Flask app config
(e.g. app.config.get('SERVER_NAME')): locate the environ/extra_environ
construction in csrf_test_client.py where 'HTTP_HOST' is set, compute host =
(app.config.get('SERVER_NAME') or 'localhost') and, if SERVER_NAME includes a
port, preserve it (split by ':' if present), then set 'HTTP_HOST' to that
derived host so tests respect configured SERVER_NAME and avoid cookie/domain
mismatches.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 51b9fee7-3317-4be9-8df2-cc577a59db8c

📥 Commits

Reviewing files that changed from the base of the PR and between 2576548 and c19c0c2.

📒 Files selected for processing (1)

• web/regression/python_test_utils/csrf_test_client.py

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@web/regression/python_test_utils/csrf_test_client.py`:
- Around line 97-98: The code accesses current_app.config before an application
context exists; replace current_app with the test client instance's application
config (use self.app.config) when building the environ dict so HTTP_HOST is
derived from self.app.config["SERVER_NAME"] or "localhost" instead of
current_app.config; update the environ entry that sets 'HTTP_HOST' accordingly
(look for the mapping containing 'wsgi.url_scheme' and 'HTTP_HOST') to avoid
RuntimeError during CSRF generation.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: d17f3e94-8b98-494e-acac-2c5c236b70f8

📥 Commits

Reviewing files that changed from the base of the PR and between c19c0c2 and 19df688.

📒 Files selected for processing (1)

• web/regression/python_test_utils/csrf_test_client.py