diff --git a/xrspatial/geotiff/tests/test_ssrf_hardening_1664.py b/xrspatial/geotiff/tests/test_ssrf_hardening_1664.py
index 9c45fefd..f1a12f02 100644
--- a/xrspatial/geotiff/tests/test_ssrf_hardening_1664.py
+++ b/xrspatial/geotiff/tests/test_ssrf_hardening_1664.py
@@ -267,8 +267,17 @@ def request(self, method, url, **kwargs):
 class TestRedirectRevalidation:
+ # The test_urllib3_* tests exercise the urllib3 transport path: they mock
+ # urllib3.PoolManager and call read_range(), which internally builds a
+ # urllib3.Timeout via _urllib3_timeout(). urllib3 is an optional runtime
+ # dependency (_HTTPSource falls back to stdlib urllib.request when it's
+ # missing -- see _reader.py:615-617), so each urllib3-using test starts
+ # with pytest.importorskip("urllib3"). The test_stdlib_* tests below
+ # exercise the stdlib redirect handler directly and run regardless.
+
 def test_urllib3_redirect_to_private_rejected(self, monkeypatch):
 """Public host that 302-redirects to loopback must be rejected."""
+ pytest.importorskip("urllib3")
 # Initial validator pass: example.com resolves to a public IP.
 monkeypatch.setattr(
 socket, 'getaddrinfo', _fake_getaddrinfo('93.184.216.34'))
@@ -290,6 +299,7 @@ def test_urllib3_redirect_to_private_rejected(self, monkeypatch):
 def test_urllib3_redirect_to_public_followed(self, monkeypatch):
 """Public -> public redirect is followed; validator passes each hop."""
+ pytest.importorskip("urllib3")
 monkeypatch.setattr(
 socket, 'getaddrinfo', _fake_getaddrinfo('93.184.216.34'))
 src = _reader_mod._HTTPSource('https://example.com/cog.tif')
@@ -305,6 +315,7 @@ def test_urllib3_redirect_to_public_followed(self, monkeypatch):
 def test_urllib3_redirect_chain_capped(self, monkeypatch):
 """More than _HTTP_MAX_REDIRECTS hops raises rather than looping."""
+ pytest.importorskip("urllib3")
 monkeypatch.setattr(
 socket, 'getaddrinfo', _fake_getaddrinfo('93.184.216.34'))
 src = _reader_mod._HTTPSource('https://example.com/cog.tif')
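Review bot: With `pytest.importorskip("urllib3")` at the top of `test_urllib3_redirect_to_private_rejected` (first hunk, and the same line in the three other `test_urllib3_*` hunks), an environment without urllib3 reports the redirect-revalidation checks for that transport as skipped instead of failed, so the SSRF regression coverage for the urllib3 path can vanish while the run stays green. It is worth confirming that at least one CI job installs urllib3 and reports skips (for example by running pytest with `-rs`), so a missing optional dependency is noticed. Separately, the new class comment cites `_reader.py:615-617`; line numbers drift as the file changes, so I would name the symbol instead, e.g. `# missing -- see the urllib3 fallback in _HTTPSource), so each urllib3-using test starts`. The four identical calls could also be folded into one small fixture requested by the `test_urllib3_*` tests, which keeps the `test_stdlib_*` tests in the same class unaffected.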
@@ -322,6 +333,7 @@ def test_urllib3_redirect_chain_capped(self, monkeypatch):
 def test_urllib3_relative_location_resolved(self, monkeypatch):
 """Relative Location like ``/other.tif`` resolves against the source."""
+ pytest.importorskip("urllib3")
 monkeypatch.setattr(
 socket, 'getaddrinfo', _fake_getaddrinfo('93.184.216.34'))
 src = _reader_mod._HTTPSource('https://example.com/dir/cog.tif')