Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Python, Locales and Writing Systems (PyCon Pola...

Rae Knowler
August 19, 2017
Programming
1
110

Python, Locales and Writing Systems (PyCon Poland, 18th August 2017)

Python 3 removes a lot of the confusion around Unicode handling in Python, but that by no means fixes everything. Different locales and writing systems have unique behaviours that can trip you up. Here's some of the worst ones and how to handle them correctly.

Presented at PyCon Poland 2017: https://pl.pycon.org/2017/agenda_en.html

Links from the presentation:
http://gizmodo.com/382026/a-cellphones-missing-dot-kills-two-people-puts-three-more-in-jail
http://www.i18nguy.com/unicode/turkish-i18n.html
https://pypi.python.org/pypi/PyICU
https://github.com/mpcabd/python-arabic-reshaper
http://www.gernot-katzers-spice-pages.com/var/korean_hangul_unicode.html
https://docs.python.org/2/library/unicodedata.html
http://howto.hackallthethings.com/2016/06/using-multi-byte-characters-to-nullify.html
http://www.rafayhackingarticles.net/2016/08/google-chrome-firefox-address-bar.html
http://www.joelonsoftware.com/articles/Unicode.html
https://eev.ee/blog/2015/09/12/dark-corners-of-unicode/
https://modelviewculture.com/pieces/i-can-text-you-a-pile-of-poo-but-i-cant-write-my-name
http://nopenotarabic.tumblr.com/
http://sites.psu.edu/symbolcodes/

Rae Knowler

August 19, 2017
Tweet

More Decks by Rae Knowler

See All by Rae Knowler
How do vampires use the internet? An exploration of fandom and technology
bellisk
0
330
Liiptalk__Mental_Health_First_Aid.pdf
bellisk
0
71
Hypothesis: Property-based testing for Python
bellisk
0
62
Python, Locales and Writing Systems - PyCon US, 12th May 2018
bellisk
0
100
Unsafe at Any Speed (PyDays Vienna, 5th May 2018)
bellisk
0
80
Unsafe at Any Speed (PyCon UK, 26th October 2017)
bellisk
1
580
Python, Locales and Writing Systems (PyCon Italia, 7th April 2017)
bellisk
1
92
Python, Locales and Writing Systems (Swiss Python Summit 2017)
bellisk
0
97
Python, Locales and Writing Systems
bellisk
0
610

Other Decks in Programming

See All in Programming
What’s New in Compose Multiplatform - A Live Tour (droidcon London 2024)
zsmb
1
340
とにかくAWS GameDay!AWSは世界の共通言語! / Anyway, AWS GameDay! AWS is the world's lingua franca!
seike460
PRO
1
550
Content Security Policy入門 セキュリティ設定と 違反レポートのはじめ方 / Introduction to Content Security Policy Getting Started with Security Configuration and Violation Reporting
uskey512
1
430
C#/.NETのこれまでのふりかえり
tomokusaba
1
160
役立つログに取り組もう
irof
26
8.7k
Tuning GraphQL on Rails
pyama86
2
1k
Kaigi on Rails 2024 - Rails APIモードのためのシンプルで効果的なCSRF対策 / kaigionrails-2024-csrf
corocn
5
3.4k
PHP でアセンブリ言語のように書く技術
memory1994
PRO
1
150
外部システム連携先が10を超えるシステムでのアーキテクチャ設計・実装事例
kiwasaki
1
230
色々なIaCツールを実際に触って比較してみる
iriikeita
0
270
Modern Angular: Renovation for Your Applications
manfredsteyer
PRO
0
210
Identifying User Idenity
moro
6
7.9k

Featured

See All Featured
How STYLIGHT went responsive
nonsquared
95
5.2k
Mobile First: as difficult as doing things right
swwweet
222
8.9k
Become a Pro
speakerdeck
PRO
24
5k
Bash Introduction
62gerente
608
210k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
26
2.1k
Typedesign – Prime Four
hannesfritz
39
2.4k
10 Git Anti Patterns You Should be Aware of
lemiorhan
654
59k
BBQ
matthewcrist
85
9.3k
Intergalactic Javascript Robots from Outer Space
tanoku
268
27k
4 Signs Your Business is Dying
shpigford
180
21k
The Cost Of JavaScript in 2023
addyosmani
45
6.6k
Build The Right Thing And Hit Your Dates
maggiecrowley
32
2.4k

Transcript

  1. Python, Locales and Writing Systems Rae Knowler PyCon Poland 18th

    August 2017

  2. #PyConPL @RaeKnowler About me CKAN, Symfony, Django @RaeKnowler they/their/them

  3. #PyConPL @RaeKnowler Python 3 is great Unicode by default! Source

    file encoding assumed to be UTF-8 No need to specify u'foobar' for non-ascii strings Less of this:

  4. #PyConPL @RaeKnowler Turkish i and ı http://gizmodo.com/382026/a-cellphones-missing-dot-kills- two-people-puts-three-more-in-jail Emine Çalçoban

    Ramazan Çalçoban

  5. #PyConPL @RaeKnowler Turkish i and ı Dotless: 'ı' (U+0131), 'I'

    (U+0049) Dotted: 'i' (U+0069), 'İ' (U+0130) More details here: http://www.i18nguy.com/unicode/turkish-i18n.html

  6. #PyConPL @RaeKnowler Turkish i and ı

  7. #PyConPL @RaeKnowler Turkish i and ı

  8. #PyConPL @RaeKnowler Turkish i and ı - Solutions • PyICU:

    a Python extension wrapping IBM’s International Components for Unicode C++ library (ICU). https://pypi.python.org/pypi/PyICU • Or… make a translation table and use str.translate() to replace characters when changing the case

  9. #PyConPL @RaeKnowler Right-to-left writing systems https://en.wikipedia.org/wiki/File:Simtat_Aluf_Batslut.JPG

  10. #PyConPL @RaeKnowler Right-to-left writing systems Unicode wants characters ordered logically,

    not visually → we need bidirectional (bidi) support → pip install python-bidi

  11. #PyConPL @RaeKnowler Right-to-left writing systems

  12. Right-to-left writing systems Arabic letters have contextual forms: Their placement

    in the text changes their shape. https://en.wikipedia.org/wiki/Arabic_script_in_Unicode#Contextual_forms

  13. #PyConPL @RaeKnowler → Python Arabic Reshaper to the rescue: https://github.com/mpcabd/python-arabic-reshaper

    Right-to-left writing systems

  14. #PyConPL @RaeKnowler Fullwidth and halfwidth characters Notice any difference? The quick brown fox jumped over

     the lazy dog. The quick brown fox jumped over the lazy dog.

  15. #PyConPL @RaeKnowler Fullwidth and halfwidth characters Courier New doesn’t even

    bother styling the fullwidth characters. The quick brown fox jumped  over  the lazy dog. The quick brown fox jumped over the lazy dog.

  16. #PyConPL @RaeKnowler Fullwidth and halfwidth characters 假借字, 形声字 Han characters

    (in Chinese, Japanese, Korean) are fullwidth

  17. #PyConPL @RaeKnowler Fullwidth and halfwidth characters 假借字, 形声字 ミムメモヤユヨラリルレロワン ミムメモヤユヨラリルレロワン

    There are fullwidth and halfwidth kana (Japanese)

  18. #PyConPL @RaeKnowler Fullwidth and halfwidth characters 假借字, 形声字 ミムメモヤユヨラリルレロワン ミムメモヤユヨラリルレロワン

    なにぬねのは Hiragana (Japanese) are always fullwidth

  19. #PyConPL @RaeKnowler Fullwidth and halfwidth characters Copyright © 2008 W3C®

    (MIT, ERCIM, Keio), All Rights Reserved. https://www.w3.org/2007/02/japanese-layout/docs/aligned/japanese-layout-requirements-en.html

  20. #PyConPL @RaeKnowler Fullwidth and halfwidth characters pip install jaconv

  21. #PyConPL @RaeKnowler Fullwidth and halfwidth characters pip install jaconv

  22. #PyConPL @RaeKnowler Korean text Lots more detail here: http://www.gernot-katzers-spice-pages.com/var/korean_ha ngul_unicode.html

    https://en.wikipedia.org/wiki/Hangul#/media/File:Hangeul.svg

  23. #PyConPL @RaeKnowler Korean text Unicode canonical equivalence: You can build

    the same character in several different ways, and they mean the same thing. 한 means the same as ㅎㅏㄴ

  24. #PyConPL @RaeKnowler Korean text Unicode canonical equivalence: You can build

    the same character in several different ways, and they mean the same thing. 한 means the same as ㅎㅏㄴ Normal Form D (NFD): ㅎㅏㄴ Normal Form C (NFC): 한

  25. #PyConPL @RaeKnowler Korean text Unicode compatibility equivalence: There are multiple

    code points for identical characters, for backwards compatibility reasons U+2160 (ROMAN NUMERAL ONE) is really the same thing as U+0049 (LATIN CAPITAL LETTER I) (https://docs.python.org/2/library/unicodedata.html )

  26. #PyConPL @RaeKnowler Korean text

  27. #PyConPL @RaeKnowler Korean text

  28. #PyConPL @RaeKnowler Korean text

  29. #PyConPL @RaeKnowler Korean text

  30. #PyConPL @RaeKnowler Korean text

  31. #PyConPL @RaeKnowler Security This is a huge topic! A couple

    of quick examples...

  32. #PyConPL @RaeKnowler Security - SQL Injection User input: I don't

    like raisins Sanitised user input: 'I don\'t like raisins' Hex encoding of \ is 0x5C

  33. #PyConPL @RaeKnowler Security - SQL Injection Hex encoding for 稞:

    0xb8 0x5c User input: 0xb8' OR 1=1 Sanitised user input: '稞 OR 1=1'

  34. #PyConPL @RaeKnowler Security - SQL Injection More details here: http://howto.hackallthethings.com/2016/06/using-multi-byt

    e-characters-to-nullify.html

  35. #PyConPL @RaeKnowler Security - Address Bar Spoofing A nice google.com

    link: http://google.com/test/test/test/تارﺎﻣا.ﻲﺑﺮﻋ This actually led to: http://تارﺎﻣا.ﻲﺑﺮﻋ/google.com/test/test/test

  36. #PyConPL @RaeKnowler Security - Address Bar Spoofing More details here:

    http://www.rafayhackingarticles.net/2016/08/google-chrom e-firefox-address-bar.html

  37. #PyConPL @RaeKnowler Security - Unicode characters in urls https://аррӏе.com vs

    https://apple.com

  38. #PyConPL @RaeKnowler Security - Unicode characters in urls https://аррӏе.com vs

    https://apple.com Xudong Zheng, Phishing with Unicode Domains: https://www.xudongz.com/blog/2017/idn-phishing/ Safari, Edge and Chrome: show an alert Firefox: see Zheng's page for a fix

  39. #PyConPL @RaeKnowler Security - Unicode characters in urls Unicode trick

    lets hackers hide phishing URLs (The Guardian, April 2017) https://www.theguardian.com/technology/2017/apr/19/phi shing-url-trick-hackers Spoofing URLs with Unicode (Slashdot, May 2002) https://it.slashdot.org/story/02/05/28/0142248/spoofing-ur ls-with-unicode

  40. #PyConPL @RaeKnowler Conclusions This stuff isn't easy … but it

    is interesting! There are a lot of useful libraries out there. You won't be the first person to have your particular problem. Python 3 makes dealing with Unicode a lot easier.

  41. #PyConPL @RaeKnowler Further links • The Absolute Minimum Every Software

    Developer Absolutely, Positively Must Know About Unicode and Character Sets (No Excuses!): http://www.joelonsoftware.com/articles/Unicode.html • Dark corners of Unicode: https://eev.ee/blog/2015/09/12/dark-corners-of-unicode • I Can Text You A Pile of Poo, But I Can’t Write My Name: https://modelviewculture.com/pieces/i-can-text-you-a-pile-of-poo-bu t-i-cant-write-my-name • Nope, Not Arabic: http://nopenotarabic.tumblr.com/ • Symbol Codes, Computing with Accents, Symbols and Foreign Scripts: http://sites.psu.edu/symbolcodes/

  42. Thanks! @RaeKnowler [email protected]