Senthil Kumaran added the comment: > HTTPSConnection is lower-level, so it makes sense to allow more > deviations there. That's why HTTPSConnection also takes the context > directly.
That's okay of an explanation. HTTPSHandler in urllib module provides an option to send the context and the check_hostname and we are using that here. I can understand the security benefits in sending the check_hostname=True (which is sane thing to do). But if someone explicitly wants to use the check_hostname=False in the HTTPSHandler, he will have to create a new local opener object and then use the opener.open to carry on with the request as he would expect it to behave. ( Do you think this warrants a doc update. Personally I am 0 on it). I am okay this change. This should be back ported as the code was unreachable 3.3 in the first place and there is no behavior change. Thanks! ---------- assignee: orsenthil -> pitrou resolution: -> fixed _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue17483> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
