Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Talisman causing Flask test_client post(), put(), or delete() requests to fail

See original GitHub issue

I hope there is a parameter that I’m missing to fix this or I may be doing something wrong, but I don’t believe that Flask Talisman works when making post(), put(), or delete() requests with the Flask test_client(). If that is the case, please consider this as a feature request if you deem it appropriate behavior for Flask Talisman.

I have observed that after adding Taliasman(app) to my Flask app I had to change all of my test cases to follow_redirects=True because apparently Talisman redirects every request. The problem is that it breaks all POST, PUT, and DELETE requests which get redirect and become GET requests.

Sample that shows problem

Given this simple Flask app: (app.py)

from flask import Flask, jsonify

app = Flask(__name__)

@app.route('/test1', methods=['GET'])
def get_test():
    return jsonify(message='200 OK'), 200

@app.route('/test2', methods=['POST'])
def create_test():
    return jsonify(message='201 Created'), 201

and these test cases: (test_case.py

from unittest import TestCase
from app import app

class TalismanTestCase(TestCase):
    def setUp(self):
        self.client = app.test_client()

    def test_get(self):
        resp = self.client.get('/test1')
        self.assertEqual(resp.status_code, 200)

    def test_post(self):
        resp = self.client.post('/test2')
        self.assertEqual(resp.status_code, 201)

When I run the tests, they execute correctly as expected:

$ python -m unittest -v test_case.py 
test_get (test_case.TalismanTestCase) ... ok
test_post (test_case.TalismanTestCase) ... ok

----------------------------------------------------------------------
Ran 2 tests in 0.004s

OK

However when I add Talisman(app) to my code:

from flask import Flask, jsonify
from flask_talisman import Talisman

app = Flask(__name__)

Talisman(app)

... same code here ...

I get these test results:

python -m unittest -v test_case.py 
test_get (test_case.TalismanTestCase) ... FAIL
test_post (test_case.TalismanTestCase) ... FAIL

======================================================================
FAIL: test_get (test_case.TalismanTestCase)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/Users/rofrano/tmp/talisman-test/test_case.py", line 13, in test_get
    self.assertEqual(resp.status_code, 200)
AssertionError: 302 != 200

======================================================================
FAIL: test_post (test_case.TalismanTestCase)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/Users/rofrano/tmp/talisman-test/test_case.py", line 18, in test_post
    self.assertEqual(resp.status_code, 201)
AssertionError: 302 != 201

----------------------------------------------------------------------
Ran 2 tests in 0.006s

FAILED (failures=2)

So I tell the Flask test_client() to follow redirects by adding the following to my test cases:

    def test_get(self):
        resp = self.client.get('/test1', follow_redirects=True)
        self.assertEqual(resp.status_code, 200)

    def test_post(self):
        resp = self.client.post('/test2', follow_redirects=True)
        self.assertEqual(resp.status_code, 201)

and now I get the following test results:

$ python -m unittest -v test_case.py 
test_get (test_case.TalismanTestCase) ... ok
test_post (test_case.TalismanTestCase) ... FAIL

======================================================================
FAIL: test_post (test_case.TalismanTestCase)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/Users/rofrano/tmp/talisman-test/test_case.py", line 18, in test_post
    self.assertEqual(resp.status_code, 201)
AssertionError: 405 != 201

----------------------------------------------------------------------
Ran 2 tests in 0.009s

FAILED (failures=1)

The first test case passed because the redirect performed a GET on the Location header that was returned but the second test failed because the POST was turned into a GET which returned a 405 Method Not Allowed. I don’t know if this is something the Flask test_client() should fix but using curl I observed the same behavior.

Impact to developers

This makes it impossible to post form data in a test case when Talisman is being used. Do you consider this a bug or a limitation? If a limitation can I request that this capability be added? Thanks!

Issue Analytics

State:
Created 4 years ago
Comments:5

Top GitHub Comments

1reaction

JeroenAtCleCocommented, Mar 4, 2020

@rofrano I’m having the same problem here. Where did you place the parameter: force_https=False in the code? Kind regards!

1reaction

rofranocommented, Dec 20, 2019

@RDIL Thank You! Using force_https=False was the parameter I was looking for because that fixed it! I wasn’t aware that Flask-Talisman was using sslify so now I know what to do. Thanks again!