[Python-Dev] Proposed schedule for 3.4.2 (original) (raw)
Nick Coghlan ncoghlan at gmail.com
Tue Sep 9 00:35:03 CEST 2014
- Previous message: [Python-Dev] Proposed schedule for 3.4.2
- Next message: [Python-Dev] Proposed schedule for 3.4.2
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 9 Sep 2014 08:20, "Nick Coghlan" <ncoghlan at gmail.com> wrote:
On 9 Sep 2014 04:00, "Barry Warsaw" <barry at python.org> wrote: > > > >This would need to be updated first, once it did take such an argument, > >this would be accomplished by: > > > >context = ssl.createdefaultcontext() > >context.verifymode = CERTOPTIONACERTNONE > >context.verifyhostname = False > >urllib.request.urlopen(" https://something-i-apparently-dont-care-much-about", > >context=context) > > There's probably an ugly hack possibility that uses unittest.mock.patch. ;) We could actually make it an "official" hack: import urllib.request urllib.request.urlopen = urllib.request.unverifiedurlopen
Thinking about it a bit more, I suspect httplib would be the right level for such a hack.
Either way, I actually think a monkeypatching based solution is a reasonable choice here. You can downgrade back to the old behaviour selectively (calling the unverified version or monkeypatching the calling module) or globally (monkeypatching the httplib module)
If folks go "Ewww, I'm going to fix my code or certs instead", that's a good outcome :)
Cheers, Nick. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20140909/9c8e73c5/attachment.html>
- Previous message: [Python-Dev] Proposed schedule for 3.4.2
- Next message: [Python-Dev] Proposed schedule for 3.4.2
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]