[Python-checkins] peps: PEP476: Explicitly mention (and discourage) the ability to monkeypatch, and
alex.gaynor
python-checkins at python.org
Sat Sep 20 17:41:54 CEST 2014
https://hg.python.org/peps/rev/d37d916f3a34
changeset: 5556:d37d916f3a34
user: Alex Gaynor <alex.gaynor at gmail.com>
date: Sat Sep 20 08:41:47 2014 -0700
summary:
PEP476: Explicitly mention (and discourage) the ability to monkeypatch, and note the python versions
files:
pep-0476.txt | 10 +++++++++-
1 files changed, 9 insertions(+), 1 deletions(-)
diff --git a/pep-0476.txt b/pep-0476.txt
--- a/pep-0476.txt
+++ b/pep-0476.txt
@@ -26,7 +26,8 @@
This PEP proposes to enable verification of X509 certificate signatures, as
well as hostname verification for Python's HTTP clients by default, subject to
-opt-out on a per-call basis.
+opt-out on a per-call basis. This change would be applied to Python 2.7, Python
+3.4, and Python 3.5.
Rationale
=========
@@ -129,6 +130,13 @@
context = ssl._create_unverified_context()
urllib.urlopen("https://no-valid-cert", context=context)
+It is also possibly **though highly discouraged** to globally disable
+verification by monkeypatching the ``ssl`` module::
+
+ import ssl
+
+ ssl._create_default_https_context = ssl._create_unverified_context
+
Other protocols
===============
--
Repository URL: https://hg.python.org/peps
More information about the Python-checkins
mailing list