Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cpython2 / fcfb18ee2b754368ff005a3fec8a9fe7930ccf7d^! / . / Doc / library / urllib2.rst
commitfcfb18ee2b754368ff005a3fec8a9fe7930ccf7d[log] [tgz]
authorBenjamin Peterson <benjamin@python.org>Sun Nov 23 11:42:45 2014 -0600
committerBenjamin Peterson <benjamin@python.org>Sun Nov 23 11:42:45 2014 -0600
treed0ec3069e6f10073b55fca4ebf710a8da6123b1f
parent5f6b89bda3cc9797186c567b6be5c6d8feedb3ec [diff] [blame]
allow passing cert/ssl information to urllib2.urlopen and httplib.HTTPSConnection

This is basically a backport of issues #9003 and #22366.

diff --git a/Doc/library/urllib2.rst b/Doc/library/urllib2.rst
index 0411e18..65d11e1 100644
--- a/Doc/library/urllib2.rst
+++ b/Doc/library/urllib2.rst

@@ -22,13 +22,10 @@
 The :mod:`urllib2` module defines the following functions:
 
 
-.. function:: urlopen(url[, data][, timeout])
+.. function:: urlopen(url[, data[, timeout[, cafile[, capath[, cadefault[, context]]]]])
 
    Open the URL *url*, which can be either a string or a :class:`Request` object.
 
-   .. warning::
-      HTTPS requests do not do any verification of the server's certificate.
-
    *data* may be a string specifying additional data to send to the server, or
    ``None`` if no such data is needed.  Currently HTTP requests are the only ones
    that use *data*; the HTTP request will be a POST instead of a GET when the
@@ -41,7 +38,19 @@
    The optional *timeout* parameter specifies a timeout in seconds for blocking
    operations like the connection attempt (if not specified, the global default
    timeout setting will be used).  This actually only works for HTTP, HTTPS and
-   FTP connections.
+         FTP connections.
+
+   If *context* is specified, it must be a :class:`ssl.SSLContext` instance
+   describing the various SSL options. See :class:`~httplib.HTTPSConnection` for
+   more details.
+
+   The optional *cafile* and *capath* parameters specify a set of trusted CA
+   certificates for HTTPS requests.  *cafile* should point to a single file
+   containing a bundle of CA certificates, whereas *capath* should point to a
+   directory of hashed certificate files.  More information can be found in
+   :meth:`ssl.SSLContext.load_verify_locations`.
+
+   The *cadefault* parameter is ignored.
 
    This function returns a file-like object with three additional methods:
 
@@ -66,7 +75,10 @@
    handled through the proxy.
 
    .. versionchanged:: 2.6
-      *timeout* was added.
+     *timeout* was added.
+
+   .. versionchanged:: 2.7.9
+      *cafile*, *capath*, *cadefault*, and *context* were added.
 
 
 .. function:: install_opener(opener)
@@ -280,9 +292,13 @@
    A class to handle opening of HTTP URLs.
 
 
-.. class:: HTTPSHandler()
+.. class:: HTTPSHandler([debuglevel[, context[, check_hostname]]])
 
-   A class to handle opening of HTTPS URLs.
+   A class to handle opening of HTTPS URLs. *context* and *check_hostname* have
+   the same meaning as for :class:`httplib.HTTPSConnection`.
+
+   .. versionchanged:: 2.7.9
+      *context* and *check_hostname* were added.
 
 
 .. class:: FileHandler()