This document explains the changes made to the HTTPS handling in the Wink browser codebase.
-
Simplified Network Manager
- Removed the custom
SSLAdapterimplementation that was trying to reinvent functionality already available in the requests library - Now using the built-in HTTPS handling from the requests library, which is well-tested and secure
- Configured a proper retry strategy using requests'
Retryclass
- Removed the custom
-
Removed Insecure Fallbacks
- Removed code that would fall back to
verify=Falsewhen SSL verification failed - This improves security by preventing connections to sites with invalid certificates
- Removed code that would fall back to
-
Updated Dependencies
- Updated requests to version 2.31.0 for better HTTPS support
- Added certifi as an explicit dependency for certificate verification
- Updated urllib3 to a compatible version (>=2.0.7,<3.0)
-
Improved Error Handling
- Simplified error handling across all HTTP methods
- More consistent logging of errors
For proper isolation of dependencies, we now use a virtual environment:
# Create and set up the virtual environment
./setup_venv.sh
# Activate the virtual environment for manual work
source venv/bin/activate
# When finished
deactivate# Create and set up the virtual environment
setup_venv.bat
# Activate the virtual environment for manual work
venv\Scripts\activate.bat
# When finished
deactivateA simple test script (test_network.py) has been created to verify that the simplified HTTPS implementation works correctly. This script:
- Creates a requests session with a retry strategy
- Sets up browser-like headers
- Makes HTTPS requests to example sites
- Reports success or failure
To run the test:
# With the virtual environment activated
python test_network.pyThe JavaScript engine is now using dukpy as requested, which is a lightweight JavaScript engine that doesn't rely on browser technology.