shlex --- 簡單的語法分析¶
原始碼:Lib/shlex.py
The shlex class makes it easy to write lexical analyzers for
simple syntaxes resembling that of the Unix shell. This will often be useful
for writing minilanguages, (for example, in run control files for Python
applications) or for parsing quoted strings.
shlex 模組定義了以下函式:
- shlex.split(s, comments=False, posix=True)¶
Split the string s using shell-like syntax. If comments is
False(the default), the parsing of comments in the given string will be disabled (setting thecommentersattribute of theshlexinstance to the empty string). This function operates in POSIX mode by default, but uses non-POSIX mode if the posix argument is false.在 3.12 版的變更: Passing
Nonefor s argument now raises an exception, rather than readingsys.stdin.
- shlex.join(split_command)¶
Concatenate the tokens of the list split_command and return a string. This function is the inverse of
split().>>> from shlex import join >>> print(join(['echo', '-n', 'Multiple words'])) echo -n 'Multiple words'
The returned value is shell-escaped to protect against injection vulnerabilities (see
quote()).在 3.8 版被加入.
- shlex.quote(s)¶
Return a shell-escaped version of the string s. The returned value is a string that can safely be used as one token in a shell command line, for cases where you cannot use a list.
警告
The
shlexmodule is only designed for Unix shells.The
quote()function is not guaranteed to be correct on non-POSIX compliant shells or shells from other operating systems such as Windows. Executing commands quoted by this module on such shells can open up the possibility of a command injection vulnerability.Consider using functions that pass command arguments with lists such as
subprocess.run()withshell=False.This idiom would be unsafe:
>>> filename = 'somefile; rm -rf ~' >>> command = 'ls -l {}'.format(filename) >>> print(command) # executed by a shell: boom! ls -l somefile; rm -rf ~
quote()lets you plug the security hole:>>> from shlex import quote >>> command = 'ls -l {}'.format(quote(filename)) >>> print(command) ls -l 'somefile; rm -rf ~' >>> remote_command = 'ssh home {}'.format(quote(command)) >>> print(remote_command) ssh home 'ls -l '"'"'somefile; rm -rf ~'"'"''
The quoting is compatible with UNIX shells and with
split():>>> from shlex import split >>> remote_command = split(remote_command) >>> remote_command ['ssh', 'home', "ls -l 'somefile; rm -rf ~'"] >>> command = split(remote_command[-1]) >>> command ['ls', '-l', 'somefile; rm -rf ~']
在 3.3 版被加入.
shlex 模組定義了以下類別:
- class shlex.shlex(instream=None, infile=None, posix=False, punctuation_chars=False)¶
A
shlexinstance or subclass instance is a lexical analyzer object. The initialization argument, if present, specifies where to read characters from. It must be a file-/stream-like object withread()andreadline()methods, or a string. If no argument is given, input will be taken fromsys.stdin. The second optional argument is a filename string, which sets the initial value of theinfileattribute. If the instream argument is omitted or equal tosys.stdin, this second argument defaults to "stdin". The posix argument defines the operational mode: when posix is not true (default), theshlexinstance will operate in compatibility mode. When operating in POSIX mode,shlexwill try to be as close as possible to the POSIX shell parsing rules. The punctuation_chars argument provides a way to make the behaviour even closer to how real shells parse. This can take a number of values: the default value,False, preserves the behaviour seen under Python 3.5 and earlier. If set toTrue, then parsing of the characters();<>|&is changed: any run of these characters (considered punctuation characters) is returned as a single token. If set to a non-empty string of characters, those characters will be used as the punctuation characters. Any characters in thewordcharsattribute that appear in punctuation_chars will be removed fromwordchars. See Improved Compatibility with Shells for more information. punctuation_chars can be set only uponshlexinstance creation and can't be modified later.在 3.6 版的變更: 新增 punctuation_chars 參數。
也參考
configparser模組Parser for configuration files similar to the Windows
.inifiles.
shlex 物件¶
shlex 實例有以下方法:
- shlex.get_token()¶
Return a token. If tokens have been stacked using
push_token(), pop a token off the stack. Otherwise, read one from the input stream. If reading encounters an immediate end-of-file,eofis returned (the empty string ('') in non-POSIX mode, andNonein POSIX mode).
- shlex.push_token(str)¶
Push the argument onto the token stack.
- shlex.read_token()¶
Read a raw token. Ignore the pushback stack, and do not interpret source requests. (This is not ordinarily a useful entry point, and is documented here only for the sake of completeness.)
- shlex.sourcehook(filename)¶
When
shlexdetects a source request (seesourcebelow) this method is given the following token as argument, and expected to return a tuple consisting of a filename and an open file-like object.Normally, this method first strips any quotes off the argument. If the result is an absolute pathname, or there was no previous source request in effect, or the previous source was a stream (such as
sys.stdin), the result is left alone. Otherwise, if the result is a relative pathname, the directory part of the name of the file immediately before it on the source inclusion stack is prepended (this behavior is like the way the C preprocessor handles#include "file.h").The result of the manipulations is treated as a filename, and returned as the first component of the tuple, with
open()called on it to yield the second component. (Note: this is the reverse of the order of arguments in instance initialization!)This hook is exposed so that you can use it to implement directory search paths, addition of file extensions, and other namespace hacks. There is no corresponding 'close' hook, but a shlex instance will call the
close()method of the sourced input stream when it returns EOF.For more explicit control of source stacking, use the
push_source()andpop_source()methods.
- shlex.push_source(newstream,