
fix for unbounded consumption of request without a content-header spe…

3b71c16
Draft

feat(flask): Add span streaming support and request body capture #6264

@sentry/warden / warden: code-review completed May 15, 2026 in 15m 59s


code-review: Found 4 issues (4 low)

Low

File upload fields silently serialize as empty strings in span attribute - `sentry_sdk/integrations/_wsgi_common.py:214-216`

When a multipart form with file uploads is processed, parsed_body() (line 160 of _wsgi_common.py) sets file fields to AnnotatedValue.removed_because_raw_data() whose .value is "". The _default handler returns that empty string, so the span attribute ends up as {"file_field": ""} with no indication that a file was present but excluded.

Form data code path in `_set_request_body_data_on_streaming_segment` has no test coverage - `sentry_sdk/integrations/flask.py:44`

The if "form" in request.__dict__: branch is never exercised by the new streaming tests — consider adding a test that POSTs application/x-www-form-urlencoded or multipart/form-data with span streaming enabled to verify form fields are captured on the segment span.

max_request_body_size="never" still sets http.request.body.data on the span with a misleading over-size-limit marker - `sentry_sdk/integrations/flask.py:196-197`

When max_request_body_size="never" is configured, request_body_within_bounds returns False (treating "never" the same as an oversized body), so the span attribute http.request.body.data is still written with "[Exceeds maximum size]". This contradicts user intent — they expect "never" to fully suppress body capture — and misattributes the reason: the body wasn't too large, it was explicitly opted out.

Excessive branching within a single parametrized test creates two near-independent test paths - `tests/integrations/flask/test_flask.py:438-463`

The if span_streaming: ... else: ... blocks throughout the test body create two essentially independent code paths with different fixtures, assertions, and even a conditional sentry_sdk.flush() call — consider splitting into two dedicated test functions for clarity and to avoid masking regressions in one path.


⏱ 15m 27s · 4.0M in / 103.7k out · $3.94
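The third and first findings above both come down to the body-capture decision carrying less information than it has: a boolean "within bounds" check collapses the user's explicit `max_request_body_size="never"` opt-out into the same `False` as an oversized body, and a removed upload field serializes as `""` rather than as a visible marker. The block below is an added example and is not code from the sentry-sdk repository or from this PR. It models the decision stand-alone, first as the boolean check the review describes, then as a tri-state decision that keeps the two cases apart; the option names and the `"[Exceeds maximum size]"` marker are taken from the review text, while the size thresholds, the `FILE_PLACEHOLDER` marker and all function names are constructed for this example.

```python
"""Added example (not sentry-sdk code): modelling the request-body capture
decision that feeds a span attribute such as http.request.body.data.

Hypothetical pieces: SMALL_LIMIT / MEDIUM_LIMIT thresholds, FILE_PLACEHOLDER,
and every function name below. Only the option names and EXCEEDS_MARKER are
taken from the review findings."""
from typing import Any, Dict, FrozenSet, Optional, Union

SMALL_LIMIT = 1_000        # constructed threshold for "small"
MEDIUM_LIMIT = 10_000      # constructed threshold for "medium"
EXCEEDS_MARKER = "[Exceeds maximum size]"      # marker quoted in the review
FILE_PLACEHOLDER = "[Filtered: file upload]"   # hypothetical, not the SDK's


def within_bounds_boolean(max_request_body_size: str, content_length: int) -> bool:
    """Boolean check of the shape the review describes.

    "never" and an oversized body both return False, so a caller that maps
    False to EXCEEDS_MARKER cannot tell an explicit opt-out from a body
    that was merely too large."""
    if max_request_body_size == "never":
        return False
    if max_request_body_size == "small":
        return content_length <= SMALL_LIMIT
    if max_request_body_size == "medium":
        return content_length <= MEDIUM_LIMIT
    return True  # "always"


def body_capture_decision(max_request_body_size: str, content_length: int) -> str:
    """Tri-state replacement for the boolean check.

    'omit'    -> user opted out; write no attribute at all
    'exceeds' -> body too large for the configured limit; write the marker
    'capture' -> body may be recorded"""
    if max_request_body_size == "never":
        return "omit"
    if not within_bounds_boolean(max_request_body_size, content_length):
        return "exceeds"
    return "capture"


def serialize_form_body(parsed: Dict[str, Any], file_fields: FrozenSet[str]) -> Dict[str, Any]:
    """Replace excluded upload fields with a visible placeholder instead of "",
    so the attribute records that a file was present but not captured."""
    return {
        key: (FILE_PLACEHOLDER if key in file_fields else value)
        for key, value in parsed.items()
    }


def body_attribute(
    max_request_body_size: str,
    content_length: int,
    parsed: Dict[str, Any],
    file_fields: FrozenSet[str] = frozenset(),
) -> Optional[Union[str, Dict[str, Any]]]:
    """Value to write to the body attribute, or None when it must not be set."""
    decision = body_capture_decision(max_request_body_size, content_length)
    if decision == "omit":
        return None
    if decision == "exceeds":
        return EXCEEDS_MARKER
    return serialize_form_body(parsed, file_fields)


if __name__ == "__main__":
    # Constructed request: a 50-byte form with one text field and one upload.
    form = {"name": "alice", "avatar": ""}
    uploads = frozenset({"avatar"})
    for option in ("never", "small", "always"):
        print(option, "->", body_attribute(option, 50, form, uploads))
    # Boolean check alone: "never" and a 5 KB body under "small" both False.
    print(within_bounds_boolean("never", 50), within_bounds_boolean("small", 5_000))
```

With the boolean check, a caller that writes the marker on `False` produces `"[Exceeds maximum size]"` for `"never"`; with the tri-state decision the attribute is skipped entirely, and upload fields show up as a placeholder rather than an empty string.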