summaryrefslogtreecommitdiffstats
path: root/Doc/library
diff options
context:
space:
mode:
authorBenjamin Peterson <benjamin@python.org>2014-11-03 19:36:48 (GMT)
committerBenjamin Peterson <benjamin@python.org>2014-11-03 19:36:48 (GMT)
commit1cca273669598978f6dfc1d1aad92e02a84bbe04 (patch)
tree1f691e61f1dcc13f14fee02fe0031dd865e74869 /Doc/library
parent2cb0e73a89589ce56ba17da39a06f8017cfc92e4 (diff)
parent4ffb0752710f0c0720d4f2af0c4b7ce1ebb9d2bd (diff)
downloadcpython-1cca273669598978f6dfc1d1aad92e02a84bbe04.zip
cpython-1cca273669598978f6dfc1d1aad92e02a84bbe04.tar.gz
cpython-1cca273669598978f6dfc1d1aad92e02a84bbe04.tar.bz2
merge 3.4 (#22417)
Diffstat (limited to 'Doc/library')
-rw-r--r--Doc/library/http.client.rst12
-rw-r--r--Doc/library/urllib.request.rst5
-rw-r--r--Doc/library/xmlrpc.client.rst7
3 files changed, 9 insertions, 15 deletions
diff --git a/Doc/library/http.client.rst b/Doc/library/http.client.rst
index 9f6bcd1..35b9355 100644
--- a/Doc/library/http.client.rst
+++ b/Doc/library/http.client.rst
@@ -71,12 +71,6 @@ The module provides the following classes:
:func:`ssl.create_default_context` select the system's trusted CA
certificates for you.
- The recommended way to connect to HTTPS hosts on the Internet is as
- follows::
-
- context = ssl.create_default_context()
- h = client.HTTPSConnection('www.python.org', 443, context=context)
-
Please read :ref:`ssl-security` for more information on best practices.
.. note::
@@ -97,6 +91,12 @@ The module provides the following classes:
The *strict* parameter was removed. HTTP 0.9-style "Simple Responses" are
no longer supported.
+ .. versionchanged:: 3.4.3
+ This class now performs all the necessary certificate and hostname checks
+ by default. To revert to the previous, unverified, behavior
+ :func:`ssl._create_unverified_context` can be passed to the *context*
+ parameter.
+
.. class:: HTTPResponse(sock, debuglevel=0, method=None, url=None)
diff --git a/Doc/library/urllib.request.rst b/Doc/library/urllib.request.rst
index 9de8dd3..f860c03 100644
--- a/Doc/library/urllib.request.rst
+++ b/Doc/library/urllib.request.rst
@@ -62,11 +62,6 @@ The :mod:`urllib.request` module defines the following functions:
*cafile* and *capath* parameters are omitted. This will only work on
some non-Windows platforms.
- .. warning::
- If neither *cafile* nor *capath* is specified, and *cadefault* is ``False``,
- an HTTPS request will not do any verification of the server's
- certificate.
-
For http and https urls, this function returns a
:class:`http.client.HTTPResponse` object which has the following
:ref:`httpresponse-objects` methods.
diff --git a/Doc/library/xmlrpc.client.rst b/Doc/library/xmlrpc.client.rst
index 550dee2..1d87f49 100644
--- a/Doc/library/xmlrpc.client.rst
+++ b/Doc/library/xmlrpc.client.rst
@@ -27,11 +27,10 @@ between conformable Python objects and XML on the wire.
constructed data. If you need to parse untrusted or unauthenticated data see
:ref:`xml-vulnerabilities`.
-.. warning::
-
- In the case of https URIs, :mod:`xmlrpc.client` does not do any verification
- of the server's certificate.
+.. versionchanged:: 3.4.3
+ For https URIs, :mod:`xmlrpc.client` now performs all the necessary
+ certificate and hostname checks by default
.. class:: ServerProxy(uri, transport=None, encoding=None, verbose=False, \
allow_none=False, use_datetime=False, \