diff options
Diffstat (limited to 'Doc/library')
| -rw-r--r-- | Doc/library/http.client.rst | 12 | ||||
| -rw-r--r-- | Doc/library/urllib.request.rst | 5 | ||||
| -rw-r--r-- | Doc/library/xmlrpc.client.rst | 7 |
3 files changed, 9 insertions, 15 deletions
diff --git a/Doc/library/http.client.rst b/Doc/library/http.client.rst index 9f6bcd1..35b9355 100644 --- a/Doc/library/http.client.rst +++ b/Doc/library/http.client.rst @@ -71,12 +71,6 @@ The module provides the following classes: :func:`ssl.create_default_context` select the system's trusted CA certificates for you. - The recommended way to connect to HTTPS hosts on the Internet is as - follows:: - - context = ssl.create_default_context() - h = client.HTTPSConnection('www.python.org', 443, context=context) - Please read :ref:`ssl-security` for more information on best practices. .. note:: @@ -97,6 +91,12 @@ The module provides the following classes: The *strict* parameter was removed. HTTP 0.9-style "Simple Responses" are no longer supported. + .. versionchanged:: 3.4.3 + This class now performs all the necessary certificate and hostname checks + by default. To revert to the previous, unverified, behavior + :func:`ssl._create_unverified_context` can be passed to the *context* + parameter. + .. class:: HTTPResponse(sock, debuglevel=0, method=None, url=None) diff --git a/Doc/library/urllib.request.rst b/Doc/library/urllib.request.rst index bd7340b..ea9050f 100644 --- a/Doc/library/urllib.request.rst +++ b/Doc/library/urllib.request.rst @@ -62,11 +62,6 @@ The :mod:`urllib.request` module defines the following functions: *cafile* and *capath* parameters are omitted. This will only work on some non-Windows platforms. - .. warning:: - If neither *cafile* nor *capath* is specified, and *cadefault* is ``False``, - an HTTPS request will not do any verification of the server's - certificate. - For http and https urls, this function returns a :class:`http.client.HTTPResponse` object which has the following :ref:`httpresponse-objects` methods. diff --git a/Doc/library/xmlrpc.client.rst b/Doc/library/xmlrpc.client.rst index d6360df..c06345e 100644 --- a/Doc/library/xmlrpc.client.rst +++ b/Doc/library/xmlrpc.client.rst @@ -27,11 +27,10 @@ between conformable Python objects and XML on the wire. constructed data. If you need to parse untrusted or unauthenticated data see :ref:`xml-vulnerabilities`. -.. warning:: - - In the case of https URIs, :mod:`xmlrpc.client` does not do any verification - of the server's certificate. +.. versionchanged:: 3.4.3 + For https URIs, :mod:`xmlrpc.client` now performs all the necessary + certificate and hostname checks by default .. class:: ServerProxy(uri, transport=None, encoding=None, verbose=False, \ allow_none=False, use_datetime=False, \ |