Set ssl=True by default for AIOHTTPTransport (#538)

leszekhanusz · web-flow · commit 5a9f98360d8f · 2025-03-11T20:34:01.000Z
diff --git a/docs/code_examples/fastapi_async.py b/docs/code_examples/fastapi_async.py
@@ -10,6 +10,7 @@
 
 from fastapi import FastAPI, HTTPException
 from fastapi.responses import HTMLResponse
+
 from gql import Client, gql
 from gql.transport.aiohttp import AIOHTTPTransport
 
diff --git a/docs/code_examples/httpx_async_trio.py b/docs/code_examples/httpx_async_trio.py
@@ -1,4 +1,5 @@
 import trio
+
 from gql import Client, gql
 from gql.transport.httpx import HTTPXAsyncTransport
 
diff --git a/gql/transport/aiohttp.py b/gql/transport/aiohttp.py
@@ -2,19 +2,8 @@
 import io
 import json
 import logging
-import warnings
 from ssl import SSLContext
-from typing import (
-    Any,
-    AsyncGenerator,
-    Callable,
-    Dict,
-    Optional,
-    Tuple,
-    Type,
-    Union,
-    cast,
-)
+from typing import Any, AsyncGenerator, Callable, Dict, Optional, Tuple, Type, Union
 
 import aiohttp
 from aiohttp.client_exceptions import ClientResponseError
@@ -57,7 +46,7 @@ def __init__(
         headers: Optional[LooseHeaders] = None,
         cookies: Optional[LooseCookies] = None,
         auth: Optional[Union[BasicAuth, "AppSyncAuthentication"]] = None,
-        ssl: Union[SSLContext, bool, Fingerprint, str] = "ssl_warning",
+        ssl: Union[SSLContext, bool, Fingerprint] = True,
         timeout: Optional[int] = None,
         ssl_close_timeout: Optional[Union[int, float]] = 10,
         json_serialize: Callable = json.dumps,
@@ -71,7 +60,8 @@ def __init__(
         :param cookies: Dict of HTTP cookies.
         :param auth: BasicAuth object to enable Basic HTTP auth if needed
                      Or Appsync Authentication class
-        :param ssl: ssl_context of the connection. Use ssl=False to disable encryption
+        :param ssl: ssl_context of the connection.
+                    Use ssl=False to not verify ssl certificates.
         :param ssl_close_timeout: Timeout in seconds to wait for the ssl connection
                                   to close properly
         :param json_serialize: Json serializer callable.
@@ -88,20 +78,7 @@ def __init__(
         self.headers: Optional[LooseHeaders] = headers
         self.cookies: Optional[LooseCookies] = cookies
         self.auth: Optional[Union[BasicAuth, "AppSyncAuthentication"]] = auth
-
-        if ssl == "ssl_warning":
-            ssl = False
-            if str(url).startswith("https"):
-                warnings.warn(
-                    "WARNING: By default, AIOHTTPTransport does not verify"
-                    " ssl certificates. This will be fixed in the next major version."
-                    " You can set ssl=True to force the ssl certificate verification"
-                    " or ssl=False to disable this warning"
-                )
-
-        self.ssl: Union[SSLContext, bool, Fingerprint] = cast(
-            Union[SSLContext, bool, Fingerprint], ssl
-        )
+        self.ssl: Union[SSLContext, bool, Fingerprint] = ssl
         self.timeout: Optional[int] = timeout
         self.ssl_close_timeout: Optional[Union[int, float]] = ssl_close_timeout
         self.client_session_args = client_session_args
diff --git a/tests/test_aiohttp.py b/tests/test_aiohttp.py
@@ -1325,7 +1325,6 @@ async def handler(request):
         assert africa["code"] == "AF"
 
 
-@pytest.mark.skip(reason="We will change the default to fix this in a future version")
 @pytest.mark.asyncio
 async def test_aiohttp_query_https_self_cert_fail(ssl_aiohttp_server):
     """By default, we should verify the ssl certificate"""
@@ -1360,7 +1359,7 @@ async def handler(request):
 
 
 @pytest.mark.asyncio
-async def test_aiohttp_query_https_self_cert_warn(ssl_aiohttp_server):
+async def test_aiohttp_query_https_self_cert_default(ssl_aiohttp_server):
     from aiohttp import web
     from gql.transport.aiohttp import AIOHTTPTransport
 
@@ -1375,13 +1374,9 @@ async def handler(request):
 
     assert str(url).startswith("https://")
 
-    expected_warning = (
-        "WARNING: By default, AIOHTTPTransport does not verify ssl certificates."
-        " This will be fixed in the next major version."
-    )
+    transport = AIOHTTPTransport(url=url)
 
-    with pytest.warns(Warning, match=expected_warning):
-        AIOHTTPTransport(url=url, timeout=10)
+    assert transport.ssl is True
 
 
 @pytest.mark.asyncio

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,5 @@`
`1`	`1`	`import trio`
	`2`	`+`
`2`	`3`	`from gql import Client, gql`
`3`	`4`	`from gql.transport.httpx import HTTPXAsyncTransport`
`4`	`5`