New submission from Nick Coghlan: Attached minimal patch updates http.client.HTTPSConnection to validate certs by default and adjusts test.test_httplib accordingly.
It doesn't currently include any docs changes, or changes to urllib. The process wide "revert to the old behaviour" hook is to monkeypatch the ssl module: ssl._create_default_https_context = ssl._create_unverified_context To monkeypatch the stdlib to validate *everything* (this one isn't new, just noting it for the record): ssl._create_stdlib_context = ssl.create_default_context ---------- files: pep476_minimal_implementation.diff keywords: patch messages: 226912 nosy: alex, larry, ncoghlan priority: high severity: normal status: open title: PEP 476: verify HTTPS certificates by default type: enhancement Added file: http://bugs.python.org/file36624/pep476_minimal_implementation.diff _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue22417> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com