From f87bda5f8fa3e8177051e1dbd387d1e8946df873 Mon Sep 17 00:00:00 2001
From: Brant
Date: Sat, 8 May 2021 10:50:38 +0800
Subject: [PATCH 1/2] Use https by default for endpoint
Using https by default is one of the security best practice rules nowadays. Azure also have been using https by default, you can refer to https://github.com/Azure/azure-sdk-for-python/blob/master/sdk/storage/azure-storage-blob/azure/storage/blob/_blob_client.py With this changes, the existing programs of customers might fail with `CERTIFICATE_VERIFY_FAILED` if they didn't specify "http://" explicitly. To avoid surprise from customers, please notify developers and customers in Aliyun community and guides before merge/release with this changes.
---
 oss2/api.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/oss2/api.py b/oss2/api.py
index a9994713..ffce4480 100644
--- a/oss2/api.py
+++ b/oss2/api.py
@@ -2506,10 +2506,16 @@ def __convert_data(self, klass, converter, data):
 def _normalize_endpoint(endpoint):
+ """规范化endpoint,默认启用 https 以增加安全性。该接口返回规范化后的 URL 字符串。
+
+ :param endpoint: 合法的 URL 字符串,参考 RFC 1738。
+
+ :return: 规范化后的 URL 字符串。
+ """
 url = endpoint
 if not endpoint.startswith('http://') and not endpoint.startswith('https://'):
- url = 'http://' + endpoint
+ url = 'https://' + endpoint
 p = urlparse(url)
From 76fc6cf000babe996b3b90c224b5f2fa4683af3d Mon Sep 17 00:00:00 2001
From: Brant
Date: Tue, 13 Jul 2021 09:51:04 +0800
Subject: [PATCH 2/2] retrigger checks
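Review bot: The scheme test in `_normalize_endpoint` (the oss2/api.py hunk of patch 1/2) is case-sensitive, so an endpoint written as `HTTP://host` or `Https://host` matches neither prefix and gets `https://` prepended, handing `urlparse` a string like `https://HTTP://host`. URL schemes are case-insensitive, so the check could be `if not endpoint.lower().startswith(('http://', 'https://')):`. The new docstring describes the argument as a valid URL, but the branch changed here exists for scheme-less values; it should state that a bare host gets `https://` and that an explicit `http://` is kept unchanged, since that is the one way plaintext transport stays in use after this change. The function body continues past the end of the hunk, so how the parsed result is used is not visible here.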