Skip to content

Instantly share code, notes, and snippets.

Created October 16, 2014 15:22
  • Star 10 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save flandr/74be22d1c3d7c1dfefdd to your computer and use it in GitHub Desktop.
Forcing TLS in Python's urllib2
# Python 2.6's urllib2 does not allow you to select the TLS dialect,
# and by default uses a SSLv23 compatibility negotiation implementation.
# Besides being vulnerable to POODLE, the OSX implementation doesn't
# work correctly, failing to connect to servers that respond only to
# TLS1.0+. These classes help set up TLS support for urllib2.
class TLS1Connection(httplib.HTTPSConnection):
"""Like HTTPSConnection but more specific"""
def __init__(self, host, **kwargs):
httplib.HTTPSConnection.__init__(self, host, **kwargs)
def connect(self):
"""Overrides HTTPSConnection.connect to specify TLS version"""
# Standard implementation from HTTPSConnection, which is not
# designed for extension, unfortunately
sock = socket.create_connection((, self.port),
self.timeout, self.source_address)
if getattr(self, '_tunnel_host', None):
self.sock = sock
# This is the only difference; default wrap_socket uses SSLv23
self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file,
class TLS1Handler(urllib2.HTTPSHandler):
"""Like HTTPSHandler but more specific"""
def __init__(self):
def https_open(self, req):
return self.do_open(TLS1Connection, req)
# Override default handler
Copy link

OlofT commented Nov 24, 2014


Note, remember to also import the following:

import httplib
import socket
import ssl

Copy link

Thanks @flandr.

PS: Create a ticket with httplib to add support for specifying the SSL protocol:

Copy link

IDmedia commented Jan 16, 2015

Awesome. But how might I use this with cookies and modified headers?


cj = cookielib.CookieJar()
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
opener.addheaders = [('User-agent', 'Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.76 Safari/537.36')]

Copy link

Thanks a lot!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment