The Fix
pip install requests==2.27.0
Based on closed psf/requests issue #5891 · PR/commit linked
@@ -633,7 +633,7 @@ def send(self, request, **kwargs):
kwargs.setdefault('verify', self.verify)
kwargs.setdefault('cert', self.cert)
- kwargs.setdefault('proxies', self.proxies)
+ kwargs.setdefault('proxies', self.rebuild_proxies(request, self.proxies))
repro.py
{
"chardet": {
"version": "3.0.4"
},
"charset_normalizer": {
"version": "2.0.3"
},
"cryptography": {
"version": "3.4.7"
},
"idna": {
"version": "2.10"
},
"implementation": {
"name": "CPython",
"version": "3.7.10"
},
"platform": {
"release": "5.4.0-1055-azure",
"system": "Linux"
},
"pyOpenSSL": {
"openssl_version": "101010bf",
"version": "19.1.0"
},
"requests": {
"version": "2.26.0"
},
"system_ssl": {
"version": "101000cf"
},
"urllib3": {
"version": "1.26.6"
},
"using_charset_normalizer": false,
"using_pyopenssl": true
}
verify
Re-run the minimal reproduction on your broken version, then apply the fix and re-run.
fix.md
Option A — Upgrade to fixed release\npip install requests==2.27.0\nWhen NOT to use: This fix should not be used if the application relies on the previous proxy handling behavior.\n\nOption C — Workaround\nit?\nWhen NOT to use: This fix should not be used if the application relies on the previous proxy handling behavior.\n\n
Why This Fix Works in Production
- Trigger: This seems to be the PR that caused the regression: https://github.com/psf/requests/pull/5681
- Mechanism: Performance degradation due to inefficient proxy handling in the Session#send method
- Why the fix works: Rebuilds the proxy configuration on the Session#send method, addressing performance issues related to proxy handling. (first fixed release: 2.27.0).
Production impact:
- If left unfixed, this can cause silent data inconsistencies that propagate (bad cache entries, incorrect downstream decisions).
Why This Breaks in Prod
- Performance degradation due to inefficient proxy handling in the Session#send method
- Production symptom (often without a traceback): This seems to be the PR that caused the regression: https://github.com/psf/requests/pull/5681
Proof / Evidence
- GitHub issue: #5891
- Fix PR: https://github.com/psf/requests/pull/5681
- First fixed release: 2.27.0
- Reproduced locally: No (not executed)
- Last verified: 2026-02-07
- Confidence: 0.85
- Did this fix it?: Yes (upstream fix exists)
- Own content ratio: 0.53
Discussion
High-signal excerpts from the issue thread (symptoms, repros, edge-cases).
“Hi guys. Do you know when in theory this issues might be solved and when new version of the library might be released? Do you…”
“We expect the current fix to go out with the 2.27.0 release which is currently scheduled for this coming Monday”
“I dug a little deeper and it looks like **all the time is spent inside getproxies_environment**, here: requests.utils.proxy_bypass:781”
“Any updates on this one? Some hints how to workaround it? Our application spends 80% of time in decoding huge JSON payloads and rebuilding list…”
Failure Signature (Search String)
- This seems to be the PR that caused the regression: https://github.com/psf/requests/pull/5681
- "pyOpenSSL": {
Copy-friendly signature
signature.txt
Failure Signature
-----------------
This seems to be the PR that caused the regression: https://github.com/psf/requests/pull/5681
"pyOpenSSL": {
Error Message
Signature-only (no traceback captured)
error.txt
Error Message
-------------
This seems to be the PR that caused the regression: https://github.com/psf/requests/pull/5681
"pyOpenSSL": {
Minimal Reproduction
repro.py
{
"chardet": {
"version": "3.0.4"
},
"charset_normalizer": {
"version": "2.0.3"
},
"cryptography": {
"version": "3.4.7"
},
"idna": {
"version": "2.10"
},
"implementation": {
"name": "CPython",
"version": "3.7.10"
},
"platform": {
"release": "5.4.0-1055-azure",
"system": "Linux"
},
"pyOpenSSL": {
"openssl_version": "101010bf",
"version": "19.1.0"
},
"requests": {
"version": "2.26.0"
},
"system_ssl": {
"version": "101000cf"
},
"urllib3": {
"version": "1.26.6"
},
"using_charset_normalizer": false,
"using_pyopenssl": true
}
What Broke
Requests using sessions are approximately 70% slower than in previous versions.
Why It Broke
Performance degradation due to inefficient proxy handling in the Session#send method
Fix Options (Details)
Option A — Upgrade to fixed release Safe default (recommended)
pip install requests==2.27.0
When NOT to use: This fix should not be used if the application relies on the previous proxy handling behavior.
Use when you can deploy the upstream fix. It is usually lower-risk than long-lived workarounds.
Option C — Workaround Temporary workaround
it?
When NOT to use: This fix should not be used if the application relies on the previous proxy handling behavior.
Use only if you cannot change versions today. Treat this as a stopgap and remove once upgraded.
Fix reference: https://github.com/psf/requests/pull/5681
First fixed release: 2.27.0
Last verified: 2026-02-07. Validate in your environment.
When NOT to Use This Fix
- This fix should not be used if the application relies on the previous proxy handling behavior.
Verify Fix
verify
Re-run the minimal reproduction on your broken version, then apply the fix and re-run.
Did This Fix Work in Your Case?
Quick signal helps us prioritize which fixes to verify and improve.
Prevention
- Add a TLS smoke test that performs a real handshake in CI (include CA bundle validation and hostname checks).
- Alert on handshake failures by error string and endpoint to catch cert/CA changes quickly.
Version Compatibility Table
| Version | Status |
|---|---|
| 2.27.0 | Fixed |
Related Issues
No related fixes found.
Sources
We don’t republish the full GitHub discussion text. Use the links above for context.