Replace vulnerable HTTPS policy for verifying certificates

praekeltfoundation · May 4, 2017 · 927669d · 927669d
1 parent f3d826e
commit 927669d
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/vumi/utils.py b/vumi/utils.py
@@ -13,7 +13,7 @@
 from twisted.internet import protocol
 from twisted.internet.defer import succeed
 from twisted.python.failure import Failure
-from twisted.web.client import Agent, ResponseDone, WebClientContextFactory
+from twisted.web.client import Agent, ResponseDone, BrowserLikePolicyForHTTPS
 from twisted.web.server import Site
 from twisted.web.http_headers import Headers
 from twisted.web.iweb import IBodyProducer
@@ -134,7 +134,7 @@ def http_request_full(url, data=None, headers={}, method='POST',
         # The import replaces the local variable.
         from twisted.internet import reactor
     pool = default_pool(reactor, pool=None, persistent=False)
-    context_factory = context_factory or WebClientContextFactory()
+    context_factory = context_factory or BrowserLikePolicyForHTTPS()
     agent = agent_class(reactor, pool=pool, contextFactory=context_factory)
     client = HTTPClient(agent)
 
@@ -176,7 +176,7 @@ def old_http_request_full(url, data=None, headers={}, method='POST',
         from twisted.internet import reactor
     if agent_class is None:
         agent_class = Agent
-    context_factory = context_factory or WebClientContextFactory()
+    context_factory = context_factory or BrowserLikePolicyForHTTPS()
     agent = agent_class(reactor, contextFactory=context_factory)
     d = agent.request(method,
                       url,