Python Recaptcha client does not validate SSL certificates - Githubissues

Daniel3356 / recaptcha

Automatically exported from code.google.com/p/recaptcha

0 stars 1 forks source link

Python Recaptcha client does not validate SSL certificates #199

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago

https://code.google.com/p/recaptcha/source/browse/trunk/recaptcha-plugins/python
/recaptcha/client/captcha.py

this uses urllib / urllib2 which do not validate SSL certificates:
https://docs.python.org/2/library/urllib2.html

The 'requests' library is fairly popular and does validation:
http://docs.python-requests.org/en/latest/user/advanced/#ssl-cert-verification

Of course, this introduces a new dependency, but may be worth it for concerned 
site operators, as well as to set a good example.

Original issue reported on code.google.com by phil.a...@gmail.com on 4 Sep 2014 at 9:20