
Drop-in replacement for `urllib2.urlopen` that does cert verification

I use Python's `urllib2.urlopen` for talking with HTTPS servers, but I have now learned from the documentation that "HTTPS requests [using urllib2.urlopen] do not do any verification of the server’s certificate."

This is a big problem for me, because it leaves my servers open to a MITM attack.

I want a drop-in replacement for urllib2.urlopen that does cert-verification, so I could bundle it with my code and replace all calls to urllib2.urlopen with calls to the modified urlopen function.

Because this is a security issue, I much prefer battle-tested security-audited code rather than some random recipe from the internet.

Ram Rachum asked May 29 '11 10:05


1 Answer

The situation changed, fortunately. Certificate verification is by default enabled from Python 2.7.9 / 3.4.3 on. See https://www.python.org/dev/peps/pep-0476/ for further details.

Dr. Jan-Philip Gehrcke answered Nov 10 '22 15:11
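The following is an added example, not part of the question or the answer: a Python 3 sketch (where `urllib2.urlopen` lives at `urllib.request.urlopen`) that checks whether the PEP 476 default is still in effect in the running process and wraps `urlopen` with an explicitly verifying context. The names `context_is_verifying`, `default_https_verifies` and `verified_urlopen` are hypothetical; the HTTPS-only rule is an assumption of this example.

```python
import ssl
import urllib.request  # Python 3 home of urllib2.urlopen
from urllib.parse import urlsplit


def context_is_verifying(ctx):
    """True only if the context checks both the chain and the hostname."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def default_https_verifies():
    """Inspect the context factory urlopen() uses when no context is passed.

    PEP 476 allows a process-wide opt-out by rebinding the private hook
    ssl._create_default_https_context; this reports whether that happened.
    """
    factory = getattr(ssl, "_create_default_https_context", None)
    if factory is None:  # interpreter predates PEP 476
        return False
    return context_is_verifying(factory())


def verified_urlopen(url, timeout=10, cafile=None):
    """Hypothetical wrapper: HTTPS only, verification stated explicitly."""
    if urlsplit(url).scheme != "https":
        raise ValueError("refusing non-HTTPS URL: %r" % (url,))
    # create_default_context() sets CERT_REQUIRED and check_hostname=True
    # and loads the system trust store (or cafile, if one is given).
    ctx = ssl.create_default_context(cafile=cafile)
    if not context_is_verifying(ctx):
        raise ssl.SSLError("TLS context does not verify certificates")
    return urllib.request.urlopen(url, timeout=timeout, context=ctx)


if __name__ == "__main__":
    print("default HTTPS context verifies:", default_https_verifies())
```

Calling `default_https_verifies()` at start-up catches a dependency that has silently rebound the default context factory to the unverified one.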