ssl docs

README.rst

@@ -34,9 +34,10 @@ all the hard work and crazy hacks for you.
 Features
 --------
 
+- Browser standard SSL verification.
 - Extremely simple HEAD, GET, POST, PUT, PATCH, DELETE Requests.
 - Gevent support for Asyncronous Requests.
-- Sessions with cookie persistience.
+- Sessions with cookie persistence.
 - Basic, Digest, and Custom Authentication support.
 - Automatic form-encoding of dictionaries
 - A simple dictionary interface for request/response cookies.

docs/community/faq.rst

@@ -81,3 +81,9 @@ Proxy Support?
 
 You bet!
 
+
+SSL Verification?
+-----------------
+
+Absolutely.
+

docs/index.rst

@@ -65,14 +65,13 @@ Requests is ready for today's web.
 - International Domains and URLs
 - Keep-Alive & Connection Pooling
 - Sessions with Cookie Persistence
+- Browser-style SSL Verification
 - Basic/Digest Authentication
 - Elegant Key/Value Cookies
 - Automatic Decompression
 - Unicode Response Bodies
 - Multipart File Uploads
 - Connection Timeouts
-- Zero Dependencies
-
 
 
 User Guide

docs/user/advanced.rst

@@ -45,9 +45,24 @@ Any dictionaries that you pass to a request method will be merged with the sessi
 
 All values that are contained within a session are directly available to you. See the :ref:`Session API Docs <sessionapi>` to learn more.
 
+SSL Cert Verification
+---------------------
+
+Requests can verify SSL certificates for HTTPS requests, just like a web browser. To check a host's SSL certificate, you can use the ``verify`` argument::
+
+    >>> requests.get('https://kennethreitz.com', verify=True)
+    requests.exceptions.SSLError: hostname 'kennethreitz.com' doesn't match either of '*.herokuapp.com', 'herokuapp.com'
+
+I don't have SSL setup on this domain, so it fails. Excellent. I do hate it setup for httpbin.org though::
+
+    >>> requests.get('https://httpbin.org', verify=True)
+    <Response [200]>
+
+You can also pass ``verify`` the path to a CA_BUNDLE file for private certs. You can also set the ``REQUESTS_CA_BUNDLE`` environment variable.
+
 
 Body Content Workflow
-----------------------
+---------------------
 
 By default, when you make a request, the body of the response isn't downloaded immediately. The response headers are downloaded when you make a request, but the content isn't downloaded until you access the :class:`Response.content` attribute.
 
@@ -246,7 +261,7 @@ Then, we can make a request using our Pizza Auth::
 Streaming Requests
 ------------------
 
-With ``requests.Response.iter_lines()`` you can easily iterate over streaming 
+With ``requests.Response.iter_lines()`` you can easily iterate over streaming
 APIs such as the `Twitter Streaming API <https://dev.twitter.com/docs/streaming-api>`_.
 
 To use the Twitter Streaming API to track the keyword "requests":

requests/api.py

@@ -31,6 +31,7 @@ def request(method, url, **kwargs):
     :param return_response: (optional) If False, an un-sent Request object will returned.
     :param session: (optional) A :class:`Session` object to be used for the request.
     :param config: (optional) A configuration dictionary.
+    :param verify: (optional) if ``True``, the SSL cert will be verified. A CA_BUNDLE path can also be provided.
     """
 
     s = kwargs.get('session') or sessions.session()

requests/sessions.py

@@ -133,7 +133,7 @@ class Session(object):
         :param return_response: (optional) If False, an un-sent Request object will returned.
         :param config: (optional) A configuration dictionary.
         :param prefetch: (optional) if ``True``, the response content will be immediately downloaded.
-        :param prefetch: (optional) if ``True``, the SSL cert will be verified. A CA_BUNDLE path can also be provided.
+        :param verify: (optional) if ``True``, the SSL cert will be verified. A CA_BUNDLE path can also be provided.
         """
 
         method = str(method).upper()