On 9 Sep 2014 08:20, "Nick Coghlan" <[email protected]> wrote: > > > On 9 Sep 2014 04:00, "Barry Warsaw" <[email protected]> wrote: > > > > > >This would need to be updated first, once it *did* take such an argument, > > >this would be accomplished by: > > > > > >context = ssl.create_default_context() > > >context.verify_mode = CERT_OPTIONACERT_NONE > > >context.verify_hostname = False > > >urllib.request.urlopen(" https://something-i-apparently-dont-care-much-about";, > > >context=context) > > > > There's probably an ugly hack possibility that uses unittest.mock.patch. ;) > > We could actually make it an "official" hack: > > import urllib.request > urllib.request.urlopen = urllib.request._unverified_urlopen
Thinking about it a bit more, I suspect httplib would be the right level for such a hack. Either way, I actually think a monkeypatching based solution is a reasonable choice here. You can downgrade back to the old behaviour selectively (calling the unverified version or monkeypatching the calling module) or globally (monkeypatching the httplib module) If folks go "Ewww, I'm going to fix my code or certs instead", that's a good outcome :) Cheers, Nick.
_______________________________________________ Python-Dev mailing list [email protected] https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
