search

DjangoAdminHackers / django-linkcheck

An app that will analyze and report on links in any model that you register with it. Links can be bare (urls or image and file fields) or embedded in HTML (linkcheck handles the parsing). It's fairly easy to override methods of the Linkcheck object should you need to do anything more complicated (like generate URLs from slug fields etc).
BSD 3-Clause "New" or "Revised" License
75 stars 26 forks source link

Verify SSL certificates #120

Closed timobrembeck closed 1 year ago

timobrembeck commented 1 year ago

This PR removes the 'verify': False, option for the checking requests, which should make sure that links with incorrect certificates are marked as invalid.

I don't see a reason why anyone would not want this and would prefer to enforce this, but if you think legacy apps might need the option to turn this off, I could also add a config value for this.

The hard part was to get at least some half-decent readable output from the requests library, unfortunately they seem to just stack their own exceptions on top of all urllib's exceptions in string representation, so I didn't find a way to extract the original exception text from the final exception without ugly regex parsing...

I tested this with a few URLs from https://badssl.com/, and the results seem to look promising:

Screenshot 2022-11-17 at 16-12-47 Integreat Editorial System

(I didn't know how to test more options with Django's test server other than simply a missing certificate)

Fixes #118

claudep commented 1 year ago

May I ask you to rebase your patch now that I removed Python 3.6 from the test matrix?

timobrembeck commented 1 year ago

May I ask you to rebase your patch now that I removed Python 3.6 from the test matrix?

Thanks, that seemed to help!