Remove 'verify=False' from HTTP client instantiations

Eliminated the 'verify=False' parameter from all httpx.Client and httpx.AsyncClient initializations to enforce SSL certificate verification. This improves security by ensuring HTTPS requests validate server certificates.
2026-01-12 16:25:53 +08:00 · 2025-09-20 18:56:29 +08:00
parent 2a6a9421ca
commit 9e68621e76
3 changed files with 3 additions and 6 deletions
--- a/web/app.py
+++ b/web/app.py
@@ -206,9 +206,6 @@ templates = Jinja2Templates(directory=f"{base_path}/templates")
 web_app = WebOnekeyApp(manager)


-
-
-
@app.get("/")
 async def index(request: Request):
    """主页"""
@@ -395,7 +392,7 @@ async def get_key_info(request: Request):
        if not key:
            return JSONResponse({"success": False, "message": "卡密不能为空"})

-        async with httpx.AsyncClient(timeout=10.0, verify=False) as client:
+        async with httpx.AsyncClient(timeout=10.0) as client:
            response = await client.post(
                f"{STEAM_API_BASE}/getKeyInfo",
                json={"key": key},