[Python-Dev] Proposed schedule for 3.4.2

Nick Coghlan ncoghlan at gmail.com
Tue Sep 9 00:43:51 CEST 2014

On 9 Sep 2014 08:30, "Donald Stufft" <donald at stufft.io> wrote:
> If someone wants to do this, can’t they write their own 6 line function?

Unfortunately not, as the domain knowledge required to know what those six
lines should look like is significant.

Keeping the old unsafe behaviour around with a more obviously dangerous
name is much simpler than explaining to people "Here, copy this chunk of
code you don't understand".

If we were starting with a blank slate there's no way we'd offer such a
thing, but as Jim pointed out, we do want to make it relatively easy for
Standard Operating Environment maintainers to hack around it if necessary.


> import ssl
> import urllib.request
> _real_urlopen = urllib.request.urlopen
> def _unverified(*args, **kwargs):
>     if not kwargs.keys() & {“context”, “cafile”, “capath”, “cadefault”}:
>         ctx = ssl.create_default_context()
>         ctx.verify_mode = CERT_NONE
>         ctx.verify_hostname = False
>         kwargs[“context”] = ctx
>     return _real_urlopen(*args, **kwargs)
> ---
> Donald Stufft
> PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20140909/4b02303d/attachment.html>

More information about the Python-Dev mailing list