Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Python, Locales and Writing Systems (PyCon Pola...

Rae Knowler
August 19, 2017
Programming
1
110

Python, Locales and Writing Systems (PyCon Poland, 18th August 2017)

Python 3 removes a lot of the confusion around Unicode handling in Python, but that by no means fixes everything. Different locales and writing systems have unique behaviours that can trip you up. Here's some of the worst ones and how to handle them correctly.

Presented at PyCon Poland 2017: https://pl.pycon.org/2017/agenda_en.html

Links from the presentation:
http://gizmodo.com/382026/a-cellphones-missing-dot-kills-two-people-puts-three-more-in-jail
http://www.i18nguy.com/unicode/turkish-i18n.html
https://pypi.python.org/pypi/PyICU
https://github.com/mpcabd/python-arabic-reshaper
http://www.gernot-katzers-spice-pages.com/var/korean_hangul_unicode.html
https://docs.python.org/2/library/unicodedata.html
http://howto.hackallthethings.com/2016/06/using-multi-byte-characters-to-nullify.html
http://www.rafayhackingarticles.net/2016/08/google-chrome-firefox-address-bar.html
http://www.joelonsoftware.com/articles/Unicode.html
https://eev.ee/blog/2015/09/12/dark-corners-of-unicode/
https://modelviewculture.com/pieces/i-can-text-you-a-pile-of-poo-but-i-cant-write-my-name
http://nopenotarabic.tumblr.com/
http://sites.psu.edu/symbolcodes/

Rae Knowler

August 19, 2017
Tweet

More Decks by Rae Knowler

See All by Rae Knowler
How do vampires use the internet? An exploration of fandom and technology
bellisk
0
340
Liiptalk__Mental_Health_First_Aid.pdf
bellisk
0
71
Hypothesis: Property-based testing for Python
bellisk
0
62
Python, Locales and Writing Systems - PyCon US, 12th May 2018
bellisk
0
100
Unsafe at Any Speed (PyDays Vienna, 5th May 2018)
bellisk
0
82
Unsafe at Any Speed (PyCon UK, 26th October 2017)
bellisk
1
580
Python, Locales and Writing Systems (PyCon Italia, 7th April 2017)
bellisk
1
92
Python, Locales and Writing Systems (Swiss Python Summit 2017)
bellisk
0
97
Python, Locales and Writing Systems
bellisk
0
620

Other Decks in Programming

See All in Programming
リアーキテクチャxDDD 1年間の取り組みと進化
hsawaji
1
220
Kaigi on Rails 2024 〜運営の裏側〜
krpk1900
1
220
イベント駆動で成長して委員会
happymana
1
320
OSSで起業してもうすぐ10年 / Open Source Conference 2024 Shimane
furukawayasuto
0
100
Less waste, more joy, and a lot more green: How Quarkus makes Java better
hollycummins
0
100
Tauriでネイティブアプリを作りたい
tsucchinoko
0
370
Remix on Hono on Cloudflare Workers
yusukebe
1
290
2024/11/8 関西Kaggler会 2024 #3 / Kaggle Kernel で Gemma 2 × vLLM を動かす。
kohecchi
5
920
レガシーシステムにどう立ち向かうか 複雑さと理想と現実/vs-legacy
suzukihoge
14
2.2k
Laravel や Symfony で手っ取り早く
OpenAPI のドキュメントを作成する
azuki
2
120
What’s New in Compose Multiplatform - A Live Tour (droidcon London 2024)
zsmb
1
470
AWS IaCの注目アップデート 2024年10月版
konokenj
3
3.3k

Featured

See All Featured
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
356
29k
10 Git Anti Patterns You Should be Aware of
lemiorhan
654
59k
The Cult of Friendly URLs
andyhume
78
6k
Ruby is Unlike a Banana
tanoku
97
11k
The Language of Interfaces
destraynor
154
24k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
10
720
Gamification - CAS2011
davidbonilla
80
5k
Done Done
chrislema
181
16k
Rebuilding a faster, lazier Slack
samanthasiow
79
8.7k
The Cost Of JavaScript in 2023
addyosmani
45
6.8k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
6
410
Optimizing for Happiness
mojombo
376
70k

Transcript

  1. Python, Locales and Writing Systems Rae Knowler PyCon Poland 18th

    August 2017

  2. #PyConPL @RaeKnowler About me CKAN, Symfony, Django @RaeKnowler they/their/them

  3. #PyConPL @RaeKnowler Python 3 is great Unicode by default! Source

    file encoding assumed to be UTF-8 No need to specify u'foobar' for non-ascii strings Less of this:

  4. #PyConPL @RaeKnowler Turkish i and ı http://gizmodo.com/382026/a-cellphones-missing-dot-kills- two-people-puts-three-more-in-jail Emine Çalçoban

    Ramazan Çalçoban

  5. #PyConPL @RaeKnowler Turkish i and ı Dotless: 'ı' (U+0131), 'I'

    (U+0049) Dotted: 'i' (U+0069), 'İ' (U+0130) More details here: http://www.i18nguy.com/unicode/turkish-i18n.html

  6. #PyConPL @RaeKnowler Turkish i and ı

  7. #PyConPL @RaeKnowler Turkish i and ı

  8. #PyConPL @RaeKnowler Turkish i and ı - Solutions • PyICU:

    a Python extension wrapping IBM’s International Components for Unicode C++ library (ICU). https://pypi.python.org/pypi/PyICU • Or… make a translation table and use str.translate() to replace characters when changing the case

  9. #PyConPL @RaeKnowler Right-to-left writing systems https://en.wikipedia.org/wiki/File:Simtat_Aluf_Batslut.JPG

  10. #PyConPL @RaeKnowler Right-to-left writing systems Unicode wants characters ordered logically,

    not visually → we need bidirectional (bidi) support → pip install python-bidi

  11. #PyConPL @RaeKnowler Right-to-left writing systems

  12. Right-to-left writing systems Arabic letters have contextual forms: Their placement

    in the text changes their shape. https://en.wikipedia.org/wiki/Arabic_script_in_Unicode#Contextual_forms

  13. #PyConPL @RaeKnowler → Python Arabic Reshaper to the rescue: https://github.com/mpcabd/python-arabic-reshaper

    Right-to-left writing systems

  14. #PyConPL @RaeKnowler Fullwidth and halfwidth characters Notice any difference? The quick brown fox jumped over

     the lazy dog. The quick brown fox jumped over the lazy dog.

  15. #PyConPL @RaeKnowler Fullwidth and halfwidth characters Courier New doesn’t even

    bother styling the fullwidth characters. The quick brown fox jumped  over  the lazy dog. The quick brown fox jumped over the lazy dog.

  16. #PyConPL @RaeKnowler Fullwidth and halfwidth characters 假借字, 形声字 Han characters

    (in Chinese, Japanese, Korean) are fullwidth

  17. #PyConPL @RaeKnowler Fullwidth and halfwidth characters 假借字, 形声字 ミムメモヤユヨラリルレロワン ミムメモヤユヨラリルレロワン

    There are fullwidth and halfwidth kana (Japanese)

  18. #PyConPL @RaeKnowler Fullwidth and halfwidth characters 假借字, 形声字 ミムメモヤユヨラリルレロワン ミムメモヤユヨラリルレロワン

    なにぬねのは Hiragana (Japanese) are always fullwidth

  19. #PyConPL @RaeKnowler Fullwidth and halfwidth characters Copyright © 2008 W3C®

    (MIT, ERCIM, Keio), All Rights Reserved. https://www.w3.org/2007/02/japanese-layout/docs/aligned/japanese-layout-requirements-en.html

  20. #PyConPL @RaeKnowler Fullwidth and halfwidth characters pip install jaconv

  21. #PyConPL @RaeKnowler Fullwidth and halfwidth characters pip install jaconv

  22. #PyConPL @RaeKnowler Korean text Lots more detail here: http://www.gernot-katzers-spice-pages.com/var/korean_ha ngul_unicode.html

    https://en.wikipedia.org/wiki/Hangul#/media/File:Hangeul.svg

  23. #PyConPL @RaeKnowler Korean text Unicode canonical equivalence: You can build

    the same character in several different ways, and they mean the same thing. 한 means the same as ㅎㅏㄴ

  24. #PyConPL @RaeKnowler Korean text Unicode canonical equivalence: You can build

    the same character in several different ways, and they mean the same thing. 한 means the same as ㅎㅏㄴ Normal Form D (NFD): ㅎㅏㄴ Normal Form C (NFC): 한

  25. #PyConPL @RaeKnowler Korean text Unicode compatibility equivalence: There are multiple

    code points for identical characters, for backwards compatibility reasons U+2160 (ROMAN NUMERAL ONE) is really the same thing as U+0049 (LATIN CAPITAL LETTER I) (https://docs.python.org/2/library/unicodedata.html )

  26. #PyConPL @RaeKnowler Korean text

  27. #PyConPL @RaeKnowler Korean text

  28. #PyConPL @RaeKnowler Korean text

  29. #PyConPL @RaeKnowler Korean text

  30. #PyConPL @RaeKnowler Korean text

  31. #PyConPL @RaeKnowler Security This is a huge topic! A couple

    of quick examples...

  32. #PyConPL @RaeKnowler Security - SQL Injection User input: I don't

    like raisins Sanitised user input: 'I don\'t like raisins' Hex encoding of \ is 0x5C

  33. #PyConPL @RaeKnowler Security - SQL Injection Hex encoding for 稞:

    0xb8 0x5c User input: 0xb8' OR 1=1 Sanitised user input: '稞 OR 1=1'

  34. #PyConPL @RaeKnowler Security - SQL Injection More details here: http://howto.hackallthethings.com/2016/06/using-multi-byt

    e-characters-to-nullify.html

  35. #PyConPL @RaeKnowler Security - Address Bar Spoofing A nice google.com

    link: http://google.com/test/test/test/تارﺎﻣا.ﻲﺑﺮﻋ This actually led to: http://تارﺎﻣا.ﻲﺑﺮﻋ/google.com/test/test/test

  36. #PyConPL @RaeKnowler Security - Address Bar Spoofing More details here:

    http://www.rafayhackingarticles.net/2016/08/google-chrom e-firefox-address-bar.html

  37. #PyConPL @RaeKnowler Security - Unicode characters in urls https://аррӏе.com vs

    https://apple.com

  38. #PyConPL @RaeKnowler Security - Unicode characters in urls https://аррӏе.com vs

    https://apple.com Xudong Zheng, Phishing with Unicode Domains: https://www.xudongz.com/blog/2017/idn-phishing/ Safari, Edge and Chrome: show an alert Firefox: see Zheng's page for a fix

  39. #PyConPL @RaeKnowler Security - Unicode characters in urls Unicode trick

    lets hackers hide phishing URLs (The Guardian, April 2017) https://www.theguardian.com/technology/2017/apr/19/phi shing-url-trick-hackers Spoofing URLs with Unicode (Slashdot, May 2002) https://it.slashdot.org/story/02/05/28/0142248/spoofing-ur ls-with-unicode

  40. #PyConPL @RaeKnowler Conclusions This stuff isn't easy … but it

    is interesting! There are a lot of useful libraries out there. You won't be the first person to have your particular problem. Python 3 makes dealing with Unicode a lot easier.

  41. #PyConPL @RaeKnowler Further links • The Absolute Minimum Every Software

    Developer Absolutely, Positively Must Know About Unicode and Character Sets (No Excuses!): http://www.joelonsoftware.com/articles/Unicode.html • Dark corners of Unicode: https://eev.ee/blog/2015/09/12/dark-corners-of-unicode • I Can Text You A Pile of Poo, But I Can’t Write My Name: https://modelviewculture.com/pieces/i-can-text-you-a-pile-of-poo-bu t-i-cant-write-my-name • Nope, Not Arabic: http://nopenotarabic.tumblr.com/ • Symbol Codes, Computing with Accents, Symbols and Foreign Scripts: http://sites.psu.edu/symbolcodes/

  42. Thanks! @RaeKnowler [email protected]