verify should be True

Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Metadata

ID: python-security/request-verify

Language: Python

Severity: Error

Category: Security

Description

The verify parameter controls whether the SSL certificate should be verified during your server requests. It’s strongly recommended to set this parameter to True which is the default value. This rule will warn you when it’s detected False has been set.

Non-Compliant Code Examples

import requests

def fetch_data():
    r = requests.get(w, verify=False, timeout=5)

from requests import get
r = get(w, verify=False)  # verify should be True
r = get(w, verify=False, timeout=10)  # verify should be True

Compliant Code Examples

from requests import get
r = get(w)
r = get(w, timeout=10, verify=True)

from requests import get
r = get(w)
r = get(w, timeout=10)
https://static.datadoghq.com/static/images/logos/github_avatar.svg https://static.datadoghq.com/static/images/logos/vscode_avatar.svg jetbrains

Seamless integrations. Try Datadog Code Analysis

Datadog Code Analysis