从文档中:
requests如果设置verify为False,也可以忽略验证SSL证书 。>>> requests.get('https://kennethreitz.com', verify=False)<Response [200]>
如果您使用的是第三方模块,并且想禁用检查功能,则可以使用上下文管理器来修补
requests和更改它,从而使它
verify=False成为默认设置并禁止显示警告。
import warningsimport contextlibimport requestsfrom urllib3.exceptions import InsecureRequestWarningold_merge_environment_settings = requests.Session.merge_environment_settings@contextlib.contextmanagerdef no_ssl_verification(): opened_adapters = set() def merge_environment_settings(self, url, proxies, stream, verify, cert): # Verification happens only once per connection so we need to close # all the opened adapters once we're done. Otherwise, the effects of # verify=False persist beyond the end of this context manager. opened_adapters.add(self.get_adapter(url)) settings = old_merge_environment_settings(self, url, proxies, stream, verify, cert) settings['verify'] = False return settings requests.Session.merge_environment_settings = merge_environment_settings try: with warnings.catch_warnings(): warnings.simplefilter('ignore', InsecureRequestWarning) yield finally: requests.Session.merge_environment_settings = old_merge_environment_settings for adapter in opened_adapters: try: adapter.close() except: pass使用方法如下:
with no_ssl_verification(): requests.get('https://wrong.host.badssl.com/') print('It works') requests.get('https://wrong.host.badssl.com/', verify=True) print('Even if you try to force it to')requests.get('https://wrong.host.badssl.com/', verify=False)print('It resets back')session = requests.Session()session.verify = Truewith no_ssl_verification(): session.get('https://wrong.host.badssl.com/', verify=True) print('Works even here')try: requests.get('https://wrong.host.badssl.com/')except requests.exceptions.SSLError: print('It breaks')try: session.get('https://wrong.host.badssl.com/')except requests.exceptions.SSLError: print('It breaks here again')请注意,一旦您离开上下文管理器,此代码将关闭处理已打补丁请求的所有打开的适配器。这是因为请求维护了每个会话的连接池,并且证书验证每个连接仅执行一次,因此将发生以下意外情况:
>>> import requests>>> session = requests.Session()>>> session.get('https://wrong.host.badssl.com/', verify=False)/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py:857: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings InsecureRequestWarning)<Response [200]>>>> session.get('https://wrong.host.badssl.com/', verify=True)/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py:857: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings InsecureRequestWarning)<Response [200]>
