[wp-trac] [WordPress Trac] #38232: Setting `sslverify` to false still validates the hostname

WordPress Trac noreply at wordpress.org
Wed Oct 5 03:26:46 UTC 2016


#38232: Setting `sslverify` to false still validates the hostname
--------------------------+---------------------
 Reporter:  dd32          |       Owner:  dd32
     Type:  defect (bug)  |      Status:  closed
 Priority:  normal        |   Milestone:  4.6.2
Component:  HTTP API      |     Version:
 Severity:  normal        |  Resolution:  fixed
 Keywords:                |     Focuses:
--------------------------+---------------------

Comment (by dd32):

 In [changeset:"38728"]:
 {{{
 #!CommitTicketReference repository="" revision="38728"
 HTTP: Update Requests to master (0048f3c) which fixes a number of
 outstanding issues.

 Merges [38727] to the 4.6 branch.

 Fixes #38070, #37733 by reverting part of [38429] and using the fix in
 Requests.
 Fixes #37992 allowing for connecting to SSL resources on ports other than
 443.
 Fixes #37991 by not sending default ports in the `Host:` header.
 Fixes #37839 to match and decode Chunked responses correctly.
 Fixes #38232 allowing a SSL connection to ignore the hostname of the
 certificate when verification is disabled.
 }}}

--
Ticket URL: <https://core.trac.wordpress.org/ticket/38232#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list