On Sep 09, 2014, at 08:20 AM, Nick Coghlan wrote: >We could actually make it an "official" hack: > > import urllib.request > urllib.request.urlopen = urllib.request._unverified_urlopen > >Or else the user can just change the code to call the unverified one >directly. > >All we'd have to do is keep the existing version that doesn't validate >certs properly around under the name "_unverified_urlopen". > >I like this for a few reasons: > >1. It doesn't get much easier than calling function A instead of function B >2. Monkeypatching lets you do a process global hack >3. The name tells you exactly why this is a bad idea >4. It's easy to grep for later after you fix your certs >5. The leading underscore acts as a strong "keep away" signal >6. The leading underscore makes it clear this function may not always be >available (e.g. Jython, older versions of Python) +1. This would also make it easy to mock in a context manager if you just wanted to ignore certs for a small section of code. -Barry -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: not available URL: <http://mail.python.org/pipermail/python-dev/attachments/20140908/3da7b545/attachment.sig>
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4