Comment 4 for bug 625076

You know what, this bug isn't fixed. You clearly didn't test it.
As per http://bugs.python.org/issue1589 you are vulnerable. Test it your self using the test I put above again... all that is different is that now don't follow the redirect to a http:// location from what i can see.

So your application is still vulnerable, as long as I have a certificate signed by ca in the ca store, I can MITM checkbox.

Please test your patches before saying they fix things and EVEN better add a test to check it has been fixed.

Please let me know if I am wrong :)