Skip to content

Test coverage: KalshiConfig trailing-slash stripping + extra_headers #99

Description

@TexasCoding

From Wave 5 test-coverage audit — F-Q-05 and F-Q-06. Severity: medium each.

F-Q-05 — Trailing-slash stripping

`KalshiConfig.post_init` rstrips trailing slashes from `base_url` and `ws_base_url` ("trailing slash is stripped automatically … to prevent double-slash in auth signing paths"). Auth signing strips trailing slash from the path (covered by `test_strips_trailing_slash`), but the config-level normalization at construction time has no test.

A user passing `base_url="https://api.elections.kalshi.com/trade-api/v2/"\` would otherwise produce double-slash paths and break RSA signing — exactly the failure mode the post-init prevents. A dataclass refactor that drops `post_init` slips through.

Test: construct `KalshiConfig(base_url="https://x/y/")\` and `KalshiConfig(ws_base_url="wss://x/y/")`. Assert both end without `/`. Plus a transport-level test: a signed GET with a trailing-slash base hits `/y/markets` (no `//markets`).

F-Q-06 — `extra_headers`

`KalshiConfig.extra_headers: dict[str, str]` is passed to `httpx.Client(headers=...)` and `httpx.AsyncClient(headers=...)` in `_base_client.py:94` and `:205`. No test verifies that user-supplied extras (e.g. `{"X-Trace-Id": "abc"}`) are actually sent on each request, nor that they don't conflict with per-request auth headers.

Distributed-tracing users have no regression coverage; a refactor moving `headers=config.extra_headers` to per-request would break header collision/precedence silently.

Test: config with `extra_headers={"X-Trace-Id": "trace-1", "User-Agent": "kalshi-sdk/test"}`. Fire a respx-mocked GET. Assert both headers on the wire AND `KALSHI-ACCESS-KEY` still present (verifies they don't overwrite each other).

Metadata

Metadata

Assignees

No one assigned

    Labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions