[Python-Dev] PYTHONHTTPSVERIFY env var

Donald Stufft donald at stufft.io
Tue May 12 13:09:56 CEST 2015

If you control the app you don't need to do that. All relevant api accept the context parameter. The shims are only useful when you don't control the app. So an app shipping their own python doesn't fall under that. 

> On May 12, 2015, at 6:56 AM, M.-A. Lemburg <mal at egenix.com> wrote:
>> On 12.05.2015 12:04, Donald Stufft wrote:
>>> On May 12, 2015, at 3:57 AM, M.-A. Lemburg <mal at egenix.com> wrote:
>>> In a user based installation (which most applications shipping
>>> their own Python installation are), you can always do this
>>> provided you can gain the application user permissions.
>> Of course, if the application is shipping it’s own Python then
>> it has to actually do something to update to 2.7.9 and it can
>> add it’s own option to disable TLS verification. I personally
>> think that the application providing that option is the *right* way
>> and all these other things are, at best, just temporary shims until
>> the applications do that.
> I still believe that requiring to monkeypatch Python is a very poor
> approach in terms of quality software design. We can do better and
> we should.
> -- 
> Marc-Andre Lemburg
> eGenix.com
> Professional Python Services directly from the Source  (#1, May 12 2015)
>>>> Python Projects, Coaching and Consulting ...  http://www.egenix.com/
>>>> mxODBC Plone/Zope Database Adapter ...       http://zope.egenix.com/
>>>> mxODBC, mxDateTime, mxTextTools ...        http://python.egenix.com/
> ________________________________________________________________________
> ::::: Try our mxODBC.Connect Python Database Interface for free ! ::::::
>   eGenix.com Software, Skills and Services GmbH  Pastor-Loeh-Str.48
>    D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
>           Registered at Amtsgericht Duesseldorf: HRB 46611
>               http://www.egenix.com/company/contact/

More information about the Python-Dev mailing list