[Python-Dev] Proposed schedule for 3.4.2 (original) (raw)
Barry Warsaw barry at python.org
Tue Sep 9 00:28:46 CEST 2014
- Previous message: [Python-Dev] Proposed schedule for 3.4.2
- Next message: [Python-Dev] Proposed schedule for 3.4.2
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sep 09, 2014, at 08:20 AM, Nick Coghlan wrote:
We could actually make it an "official" hack:
import urllib.request urllib.request.urlopen = urllib.request.unverifiedurlopen Or else the user can just change the code to call the unverified one directly. All we'd have to do is keep the existing version that doesn't validate certs properly around under the name "unverifiedurlopen". I like this for a few reasons: 1. It doesn't get much easier than calling function A instead of function B 2. Monkeypatching lets you do a process global hack 3. The name tells you exactly why this is a bad idea 4. It's easy to grep for later after you fix your certs 5. The leading underscore acts as a strong "keep away" signal 6. The leading underscore makes it clear this function may not always be available (e.g. Jython, older versions of Python)
+1. This would also make it easy to mock in a context manager if you just wanted to ignore certs for a small section of code.
-Barry -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: not available URL: <http://mail.python.org/pipermail/python-dev/attachments/20140908/3da7b545/attachment.sig>
- Previous message: [Python-Dev] Proposed schedule for 3.4.2
- Next message: [Python-Dev] Proposed schedule for 3.4.2
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]