From b01f4738c7311606a1c8e2d3102baacfcc5c0b70 Mon Sep 17 00:00:00 2001
From: Marcin Lewandowski <marcin@ravendb.net>
Date: Tue, 7 Nov 2023 18:55:22 +0100
Subject: [PATCH] RavenDB-21651 CSRF protection in Studio - fixing flacky test

---
 test/SlowTests/Issues/RavenDB-21651.cs | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/test/SlowTests/Issues/RavenDB-21651.cs b/test/SlowTests/Issues/RavenDB-21651.cs
index 7a53c2b60e9..6045b990189 100644
--- a/test/SlowTests/Issues/RavenDB-21651.cs
+++ b/test/SlowTests/Issues/RavenDB-21651.cs
@@ -22,7 +22,6 @@ public RavenDB_21651(ITestOutputHelper output) : base(output)
 
     public const string ExternalTrustedOriginHostname = "external-trusted-origin";
     public const string ExternalTrustedOriginUrl = "http://external-trusted-origin:8080";
-    public const string ExternalTrustedOriginInHeader = "external-trusted-origin-passed-via-header:8084";
     public const string OriginHeader = "X-Forwarded-Host";
 
     public const string ProxyServerHost = "proxy:5656";
@@ -83,12 +82,9 @@ public async Task CsrfProtectionForSecuredCluster()
         var databaseName = GetDatabaseName();
         var (_, leader, certificates) = await CreateRaftClusterWithSsl(clusterSize, false);
 
-        X509Certificate2 adminCertificate = Certificates.RegisterClientCertificate(certificates, new Dictionary<string, DatabaseAccess>(), SecurityClearance.ClusterAdmin, server: leader);
+        X509Certificate2 adminCertificate =
+            Certificates.RegisterClientCertificate(certificates, new Dictionary<string, DatabaseAccess>(), SecurityClearance.ClusterAdmin, server: leader);
 
-        var members = leader.ServerStore.GetClusterTopology().Members.Values.ToList();
-        var nonLeaderUrl = members.First(x => x != leader.WebUrl);
-        var leaderUrl = leader.WebUrl;
-        
         var studioUrl = leader.WebUrl + "/studio/index.html";
         var leaderHost = new Uri(leader.WebUrl).Authority;
         var sameHostAsLeaderButDifferentPort = "http://" + new Uri(leader.WebUrl).Host + ":21";
@@ -159,7 +155,9 @@ private async Task ExecuteRequest(HttpMethod method, string uri, Dictionary<stri
     {
         var handler = new HttpClientHandler
         {
-            ServerCertificateCustomValidationCallback = (message, certificate2, arg3, arg4) => true, SslProtocols = TcpUtils.SupportedSslProtocols
+            ServerCertificateCustomValidationCallback = (_, _, _, _) => true, 
+            SslProtocols = TcpUtils.SupportedSslProtocols,
+            AllowAutoRedirect = true
         };
 
         if (certificate != null)
@@ -169,7 +167,7 @@ private async Task ExecuteRequest(HttpMethod method, string uri, Dictionary<stri
 
         using (var httpClient = new HttpClient(handler))
         {
-            HttpRequestMessage request = new HttpRequestMessage {Method = method, RequestUri = new Uri(uri)};
+            HttpRequestMessage request = new() {Method = method, RequestUri = new Uri(uri)};
 
             if (headers != null)
             {