[Python-checkins] peps: PEP476: Explicitly mention (and discourage) the ability to monkeypatch, and

alex.gaynor python-checkins at python.org
Sat Sep 20 17:41:54 CEST 2014

• Previous message: [Python-checkins] Daily reference leaks (8b58be9f98a7): sum=130911
• Next message: [Python-checkins] cpython (3.4): use patch context manager instead of decorator because the decorator 'leaks'
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

https://hg.python.org/peps/rev/d37d916f3a34
changeset: 5556:d37d916f3a34
user: Alex Gaynor <alex.gaynor at gmail.com>
date: Sat Sep 20 08:41:47 2014 -0700
summary:
 PEP476: Explicitly mention (and discourage) the ability to monkeypatch, and note the python versions
files:
 pep-0476.txt | 10 +++++++++-
 1 files changed, 9 insertions(+), 1 deletions(-)
diff --git a/pep-0476.txt b/pep-0476.txt
--- a/pep-0476.txt
+++ b/pep-0476.txt
@@ -26,7 +26,8 @@
 
 This PEP proposes to enable verification of X509 certificate signatures, as
 well as hostname verification for Python's HTTP clients by default, subject to
-opt-out on a per-call basis.
+opt-out on a per-call basis. This change would be applied to Python 2.7, Python
+3.4, and Python 3.5.
 
 Rationale
 =========
@@ -129,6 +130,13 @@
 context = ssl._create_unverified_context()
 urllib.urlopen("https://no-valid-cert", context=context)
 
+It is also possibly **though highly discouraged** to globally disable
+verification by monkeypatching the ``ssl`` module::
+
+ import ssl
+
+ ssl._create_default_https_context = ssl._create_unverified_context
+
 Other protocols
 ===============
 
-- 
Repository URL: https://hg.python.org/peps

---

• Previous message: [Python-checkins] Daily reference leaks (8b58be9f98a7): sum=130911
• Next message: [Python-checkins] cpython (3.4): use patch context manager instead of decorator because the decorator 'leaks'
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

More information about the Python-checkins mailing list