[Python-checkins] r85101 - in python/branches/py3k/Doc/library: http.client.rst urllib.request.rst
antoine.pitrou
python-checkins at python.org
Wed Sep 29 13:24:23 CEST 2010
Author: antoine.pitrou
Date: Wed Sep 29 13:24:21 2010
New Revision: 85101
Log:
Issue #9983: warn that urllib and httplib don't perform SSL certificate validation.
Modified:
python/branches/py3k/Doc/library/http.client.rst
python/branches/py3k/Doc/library/urllib.request.rst
Modified: python/branches/py3k/Doc/library/http.client.rst
==============================================================================
--- python/branches/py3k/Doc/library/http.client.rst (original)
+++ python/branches/py3k/Doc/library/http.client.rst Wed Sep 29 13:24:21 2010
@@ -53,13 +53,13 @@
.. class:: HTTPSConnection(host, port=None, key_file=None, cert_file=None, strict=None[, timeout[, source_address]])
A subclass of :class:`HTTPConnection` that uses SSL for communication with
- secure servers. Default port is ``443``. *key_file* is the name of a PEM
- formatted file that contains your private key. *cert_file* is a PEM formatted
- certificate chain file.
+ secure servers. Default port is ``443``. *key_file* is the name of a PEM
+ formatted file that contains your private key, and *cert_file* is a PEM
+ formatted certificate chain file; both can be used for authenticating
+ yourself against the server.
- .. note::
-
- This does not do any certificate verification.
+ .. warning::
+ This does not do any verification of the server's certificate.
.. versionchanged:: 3.2
*source_address* was added.
Modified: python/branches/py3k/Doc/library/urllib.request.rst
==============================================================================
--- python/branches/py3k/Doc/library/urllib.request.rst (original)
+++ python/branches/py3k/Doc/library/urllib.request.rst Wed Sep 29 13:24:21 2010
@@ -11,6 +11,10 @@
opening URLs (mostly HTTP) in a complex world --- basic and digest
authentication, redirections, cookies and more.
+.. warning:: When opening HTTPS (or FTPS) URLs, it is not attempted to
+ validate the server certificate. Use at your own risk!
+
+
The :mod:`urllib.request` module defines the following functions:
More information about the Python-checkins
mailing list