如何在 Python 请求中禁用安全证书检查

我在用

import requests
requests.post(url='https://foo.example', data={'bar':'baz'})

但我得到一个 request.exceptions.SSLError。该网站有一个过期的证书，但我没有发送敏感数据，所以对我来说没关系。我想我可以使用像“verifiy=False”这样的论点，但我似乎找不到它。

原文由 Paul Draper 发布，翻译遵循 CC BY-SA 4.0 许可协议

阅读 695

从文档中：

requests 如果将 verify 设置为 False，也可以忽略验证 SSL 证书。

>  >>> requests.get('https://kennethreitz.com', verify=False)
> <Response [200]>
>
> ```

如果您正在使用第三方模块并想要禁用检查，这里有一个上下文管理器，它可以修补 `requests` 并将其更改为 `verify=False` 是默认值并抑制警告.

import warnings import contextlib

import requests from urllib3.exceptions import InsecureRequestWarning

old_merge_environment_settings = requests.Session.merge_environment_settings

@contextlib.contextmanager def no_ssl_verification(): opened_adapters = set()

def merge_environment_settings(self, url, proxies, stream, verify, cert):
    # Verification happens only once per connection so we need to close
    # all the opened adapters once we're done. Otherwise, the effects of
    # verify=False persist beyond the end of this context manager.
    opened_adapters.add(self.get_adapter(url))

    settings = old_merge_environment_settings(self, url, proxies, stream, verify, cert)
    settings['verify'] = False

    return settings

requests.Session.merge_environment_settings = merge_environment_settings

try:
    with warnings.catch_warnings():
        warnings.simplefilter('ignore', InsecureRequestWarning)
        yield
finally:
    requests.Session.merge_environment_settings = old_merge_environment_settings

    for adapter in opened_adapters:
        try:
            adapter.close()
        except:
            pass


以下是你如何使用它：

with no_ssl_verification(): requests.get(’https://wrong.host.badssl.example/’) print(‘It works’)

requests.get('https://wrong.host.badssl.example/', verify=True)
print('Even if you try to force it to')

requests.get(’https://wrong.host.badssl.example/’, verify=False) print(‘It resets back’)

session = requests.Session() session.verify = True

with no_ssl_verification(): session.get(’https://wrong.host.badssl.example/’, verify=True) print(‘Works even here’)

try: requests.get(’https://wrong.host.badssl.example/’) except requests.exceptions.SSLError: print(‘It breaks’)

try: session.get(’https://wrong.host.badssl.example/’) except requests.exceptions.SSLError: print(‘It breaks here again’)


请注意，一旦您离开上下文管理器，此代码将关闭处理修补请求的所有打开的适配器。这是因为 requests 维护每个会话的连接池，并且每个连接只发生一次证书验证，所以会发生这样的意外情况：

import requests session = requests.Session() session.get(’https://wrong.host.badssl.example/’, verify=False) /usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py:857: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings InsecureRequestWarning) session.get(’https://wrong.host.badssl.example/’, verify=True) /usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py:857: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings InsecureRequestWarning)

”`

原文由 Blender 发布，翻译遵循 CC BY-SA 4.0 许可协议

import requests from urllib3.exceptions import InsecureRequestWarning # Suppress only the single warning from urllib3 needed. requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning) # Set `verify=False` on `requests.post`. requests.post(url='https://example.com', data={'bar':'baz'}, verify=False)

如何在 Python 请求中禁用安全证书检查

你尚未登录，登录后可以

Qt中布局是否只有5种呢？

这段代码为什么不能获取到数据？

字节的 trae AI IDE 不支持类似 vscode 的 ssh remote 远程开发怎么办？

请问一下，如何理解reduce函数呢？

如何使用Python+Selenium爬取Goodreads上万条书评而不崩溃？

如何使用 python 代码实现迅雷磁力链接资源的下载？

在PyCharm开发不同python项目，如果每个项目使用自己的venv环境，是不是每次切换项目都需要修改python interpreter？

Stack Overflow 翻译