History of Character Codes¶

In 1968, the American Standard Code for Information Interchange, better known byits acronym ASCII, was standardized. ASCII defined numeric codes for variouscharacters, with the numeric values running from 0 to127. For example, the lowercase letter ‘a’ is assigned 97 as its codevalue.

ASCII was an American-developed standard, so it only defined unaccentedcharacters. There was an ‘e’, but no ‘é’ or ‘Í’. This meant that languageswhich required accented characters couldn’t be faithfully represented in ASCII.(Actually the missing accents matter for English, too, which contains words suchas ‘naïve’ and ‘café’, and some publications have house styles which requirespellings such as ‘coöperate’.)

For a while people just wrote programs that didn’t display accents. I rememberlooking at Apple ][ BASIC programs, published in French-language publications inthe mid-1980s, that had lines like these:

PRINT"MISE A JOUR TERMINEE"PRINT"PARAMETRES ENREGISTRES"

Those messages should contain accents, and they just look wrong to someone whocan read French.

In the 1980s, almost all personal computers were 8-bit, meaning that bytes couldhold values ranging from 0 to 255. ASCII codes only went up to 127, so somemachines assigned values between 128 and 255 to accented characters. Differentmachines had different codes, however, which led to problems exchanging files.Eventually various commonly used sets of values for the 128–255 range emerged.Some were true standards, defined by the International Organization forStandardization, and some werede facto conventions that were invented by onecompany or another and managed to catch on.

255 characters aren’t very many. For example, you can’t fit both the accentedcharacters used in Western Europe and the Cyrillic alphabet used for Russianinto the 128–255 range because there are more than 128 such characters.

You could write files using different codes (all your Russian files in a codingsystem called KOI8, all your French files in a different coding system calledLatin1), but what if you wanted to write a French document that quotes someRussian text? In the 1980s people began to want to solve this problem, and theUnicode standardization effort began.

Unicode started out using 16-bit characters instead of 8-bit characters. 16bits means you have 2^16 = 65,536 distinct values available, making it possibleto represent many different characters from many different alphabets; an initialgoal was to have Unicode contain the alphabets for every single human language.It turns out that even 16 bits isn’t enough to meet that goal, and the modernUnicode specification uses a wider range of codes, 0–1,114,111 (0x10ffff inbase-16).

There’s a related ISO standard, ISO 10646. Unicode and ISO 10646 wereoriginally separate efforts, but the specifications were merged with the 1.1revision of Unicode.

(This discussion of Unicode’s history is highly simplified. I don’t think theaverage Python programmer needs to worry about the historical details; consultthe Unicode consortium site listed in the References for more information.)

Definitions¶

Acharacter is the smallest possible component of a text. ‘A’, ‘B’, ‘C’,etc., are all different characters. So are ‘È’ and ‘Í’. Characters areabstractions, and vary depending on the language or context you’re talkingabout. For example, the symbol for ohms (Ω) is usually drawn much like thecapital letter omega (Ω) in the Greek alphabet (they may even be the same insome fonts), but these are two different characters that have differentmeanings.

The Unicode standard describes how characters are represented bycodepoints. A code point is an integer value, usually denoted in base 16. In thestandard, a code point is written using the notation U+12ca to mean thecharacter with value 0x12ca (4810 decimal). The Unicode standard contains a lotof tables listing characters and their corresponding code points:

0061'a';LATINSMALLLETTERA0062'b';LATINSMALLLETTERB0063'c';LATINSMALLLETTERC...007B'{';LEFTCURLYBRACKET

Strictly, these definitions imply that it’s meaningless to say ‘this ischaracter U+12ca’. U+12ca is a code point, which represents some particularcharacter; in this case, it represents the character ‘ETHIOPIC SYLLABLE WI’. Ininformal contexts, this distinction between code points and characters willsometimes be forgotten.

A character is represented on a screen or on paper by a set of graphicalelements that’s called aglyph. The glyph for an uppercase A, for example,is two diagonal strokes and a horizontal stroke, though the exact details willdepend on the font being used. Most Python code doesn’t need to worry aboutglyphs; figuring out the correct glyph to display is generally the job of a GUItoolkit or a terminal’s font renderer.

Encodings¶

To summarize the previous section: a Unicode string is a sequence of codepoints, which are numbers from 0 to 0x10ffff. This sequence needs to berepresented as a set of bytes (meaning, values from 0–255) in memory. The rulesfor translating a Unicode string into a sequence of bytes are called anencoding.

The first encoding you might think of is an array of 32-bit integers. In thisrepresentation, the string “Python” would look like this:

Python0x500000007900000074000000680000006f0000006e00000001234567891011121314151617181920212223

This representation is straightforward but using it presents a number ofproblems.

1. It’s not portable; different processors order the bytes differently.

2. It’s very wasteful of space. In most texts, the majority of the code pointsare less than 127, or less than 255, so a lot of space is occupied by zerobytes. The above string takes 24 bytes compared to the 6 bytes needed for anASCII representation. Increased RAM usage doesn’t matter too much (desktopcomputers have megabytes of RAM, and strings aren’t usually that large), butexpanding our usage of disk and network bandwidth by a factor of 4 isintolerable.

3. It’s not compatible with existing C functions such asstrlen(), so a newfamily of wide string functions would need to be used.

4. Many Internet standards are defined in terms of textual data, and can’thandle content with embedded zero bytes.

Generally people don’t use this encoding, instead choosing otherencodings that are more efficient and convenient. UTF-8 is probablythe most commonly supported encoding; it will be discussed below.

Encodings don’t have to handle every possible Unicode character, and mostencodings don’t. For example, Python’s default encoding is the ‘ascii’encoding. The rules for converting a Unicode string into the ASCII encoding aresimple; for each code point:

1. If the code point is < 128, each byte is the same as the value of the codepoint.

2. If the code point is 128 or greater, the Unicode string can’t be representedin this encoding. (Python raises aUnicodeEncodeError exception in thiscase.)

Latin-1, also known as ISO-8859-1, is a similar encoding. Unicode code points0–255 are identical to the Latin-1 values, so converting to this encoding simplyrequires converting code points to byte values; if a code point larger than 255is encountered, the string can’t be encoded into Latin-1.

Encodings don’t have to be simple one-to-one mappings like Latin-1. ConsiderIBM’s EBCDIC, which was used on IBM mainframes. Letter values weren’t in oneblock: ‘a’ through ‘i’ had values from 129 to 137, but ‘j’ through ‘r’ were 145through 153. If you wanted to use EBCDIC as an encoding, you’d probably usesome sort of lookup table to perform the conversion, but this is largely aninternal detail.

UTF-8 is one of the most commonly used encodings. UTF stands for “UnicodeTransformation Format”, and the ‘8’ means that 8-bit numbers are used in theencoding. (There’s also a UTF-16 encoding, but it’s less frequently used thanUTF-8.) UTF-8 uses the following rules:

1. If the code point is <128, it’s represented by the corresponding byte value.

2. If the code point is between 128 and 0x7ff, it’s turned into two byte valuesbetween 128 and 255.

3. Code points >0x7ff are turned into three- or four-byte sequences, where eachbyte of the sequence is between 128 and 255.

UTF-8 has several convenient properties:

1. It can handle any Unicode code point.

2. A Unicode string is turned into a string of bytes containing no embedded zerobytes. This avoids byte-ordering issues, and means UTF-8 strings can beprocessed by C functions such asstrcpy() and sent through protocols thatcan’t handle zero bytes.

3. A string of ASCII text is also valid UTF-8 text.

4. UTF-8 is fairly compact; the majority of code points are turned into twobytes, and values less than 128 occupy only a single byte.

5. If bytes are corrupted or lost, it’s possible to determine the start of thenext UTF-8-encoded code point and resynchronize. It’s also unlikely thatrandom 8-bit data will look like valid UTF-8.

References¶

The Unicode Consortium site at <http://www.unicode.org> has character charts, aglossary, and PDF versions of the Unicode specification. Be prepared for somedifficult reading. <http://www.unicode.org/history/> is a chronology of theorigin and development of Unicode.

To help understand the standard, Jukka Korpela has written an introductory guideto reading the Unicode character tables, available at<https://www.cs.tut.fi/~jkorpela/unicode/guide.html>.

Another good introductory article was written by Joel Spolsky<http://www.joelonsoftware.com/articles/Unicode.html>.If this introduction didn’t make things clear to you, you should try reading thisalternate article before continuing.

Wikipedia entries are often helpful; see the entries for “character encoding”<http://en.wikipedia.org/wiki/Character_encoding> and UTF-8<http://en.wikipedia.org/wiki/UTF-8>, for example.

The Unicode Type¶

Unicode strings are expressed as instances of theunicode type, one ofPython’s repertoire of built-in types. It derives from an abstract type calledbasestring, which is also an ancestor of thestr type; you cantherefore check if a value is a string type withisinstance(value,basestring). Under the hood, Python represents Unicode strings as either 16-or 32-bit integers, depending on how the Python interpreter was compiled.

Theunicode() constructor has the signatureunicode(string[,encoding,errors]). All of its arguments should be 8-bit strings. The first argumentis converted to Unicode using the specified encoding; if you leave off theencoding argument, the ASCII encoding is used for the conversion, socharacters greater than 127 will be treated as errors:

>>>unicode('abcdef')u'abcdef'>>>s=unicode('abcdef')>>>type(s)<type 'unicode'>>>>unicode('abcdef'+chr(255))Traceback (most recent call last):...UnicodeDecodeError:'ascii' codec can't decode byte 0xff in position 6:ordinal not in range(128)

Theerrors argument specifies the response when the input string can’t beconverted according to the encoding’s rules. Legal values for this argument are‘strict’ (raise aUnicodeDecodeError exception), ‘replace’ (add U+FFFD,‘REPLACEMENT CHARACTER’), or ‘ignore’ (just leave the character out of theUnicode result). The following examples show the differences:

>>>unicode('\x80abc',errors='strict')Traceback (most recent call last):...UnicodeDecodeError:'ascii' codec can't decode byte 0x80 in position 0:ordinal not in range(128)>>>unicode('\x80abc',errors='replace')u'\ufffdabc'>>>unicode('\x80abc',errors='ignore')u'abc'

Encodings are specified as strings containing the encoding’s name. Python 2.7comes with roughly 100 different encodings; see the Python Library Reference atStandard Encodings for a list. Some encodingshave multiple names; for example, ‘latin-1’, ‘iso_8859_1’ and ‘8859’ are allsynonyms for the same encoding.

One-character Unicode strings can also be created with theunichr()built-in function, which takes integers and returns a Unicode string of length 1that contains the corresponding code point. The reverse operation is thebuilt-inord() function that takes a one-character Unicode string andreturns the code point value:

>>>unichr(40960)u'\ua000'>>>ord(u'\ua000')40960

Instances of theunicode type have many of the same methods as the8-bit string type for operations such as searching and formatting:

>>>s=u'Was ever feather so lightly blown to and fro as this multitude?'>>>s.count('e')5>>>s.find('feather')9>>>s.find('bird')-1>>>s.replace('feather','sand')u'Was ever sand so lightly blown to and fro as this multitude?'>>>s.upper()u'WAS EVER FEATHER SO LIGHTLY BLOWN TO AND FRO AS THIS MULTITUDE?'

Note that the arguments to these methods can be Unicode strings or 8-bitstrings. 8-bit strings will be converted to Unicode before carrying out theoperation; Python’s default ASCII encoding will be used, so characters greaterthan 127 will cause an exception:

>>>s.find('Was\x9f')Traceback (most recent call last):...UnicodeDecodeError:'ascii' codec can't decode byte 0x9f in position 3:ordinal not in range(128)>>>s.find(u'Was\x9f')-1

Much Python code that operates on strings will therefore work with Unicodestrings without requiring any changes to the code. (Input and output code needsmore updating for Unicode; more on this later.)

Another important method is.encode([encoding],[errors='strict']), whichreturns an 8-bit string version of the Unicode string, encoded in the requestedencoding. Theerrors parameter is the same as the parameter of theunicode() constructor, with one additional possibility; as well as ‘strict’,‘ignore’, and ‘replace’, you can also pass ‘xmlcharrefreplace’ which uses XML’scharacter references. The following example shows the different results:

>>>u=unichr(40960)+u'abcd'+unichr(1972)>>>u.encode('utf-8')'\xea\x80\x80abcd\xde\xb4'>>>u.encode('ascii')Traceback (most recent call last):...UnicodeEncodeError:'ascii' codec can't encode character u'\ua000' inposition 0: ordinal not in range(128)>>>u.encode('ascii','ignore')'abcd'>>>u.encode('ascii','replace')'?abcd?'>>>u.encode('ascii','xmlcharrefreplace')'ꀀabcd޴'

Python’s 8-bit strings have a.decode([encoding],[errors]) method thatinterprets the string using the given encoding:

>>>u=unichr(40960)+u'abcd'+unichr(1972)# Assemble a string>>>utf8_version=u.encode('utf-8')# Encode as UTF-8>>>type(utf8_version),utf8_version(<type 'str'>, '\xea\x80\x80abcd\xde\xb4')>>>u2=utf8_version.decode('utf-8')# Decode using UTF-8>>>u==u2# The two strings matchTrue

The low-level routines for registering and accessing the available encodings arefound in thecodecs module. However, the encoding and decoding functionsreturned by this module are usually more low-level than is comfortable, so I’mnot going to describe thecodecs module here. If you need to implement acompletely new encoding, you’ll need to learn about thecodecs moduleinterfaces, but implementing encodings is a specialized task that also won’t becovered here. Consult the Python documentation to learn more about this module.

The most commonly used part of thecodecs module is thecodecs.open() function which will be discussed in the section on input andoutput.

Unicode Literals in Python Source Code¶

In Python source code, Unicode literals are written as strings prefixed with the‘u’ or ‘U’ character:u'abcdefghijk'. Specific code points can be writtenusing the\u escape sequence, which is followed by four hex digits givingthe code point. The\U escape sequence is similar, but expects 8 hexdigits, not 4.

Unicode literals can also use the same escape sequences as 8-bit strings,including\x, but\x only takes two hex digits so it can’t express anarbitrary code point. Octal escapes can go up to U+01ff, which is octal 777.

>>>s=u"a\xac\u1234\u20ac\U00008000"...#      ^^^^ two-digit hex escape...#          ^^^^^^ four-digit Unicode escape...#                      ^^^^^^^^^^ eight-digit Unicode escape>>>forcins:printord(c),...97 172 4660 8364 32768

Using escape sequences for code points greater than 127 is fine in small doses,but becomes an annoyance if you’re using many accented characters, as you wouldin a program with messages in French or some other accent-using language. Youcan also assemble strings using theunichr() built-in function, but this iseven more tedious.

Ideally, you’d want to be able to write literals in your language’s naturalencoding. You could then edit Python source code with your favorite editorwhich would display the accented characters naturally, and have the rightcharacters used at runtime.

Python supports writing Unicode literals in any encoding, but you have todeclare the encoding being used. This is done by including a special comment aseither the first or second line of the source file:

#!/usr/bin/env python# -*- coding: latin-1 -*-u=u'abcdé'printord(u[-1])

The syntax is inspired by Emacs’s notation for specifying variables local to afile. Emacs supports many different variables, but Python only supports‘coding’. The-*- symbols indicate to Emacs that the comment is special;they have no significance to Python but are a convention. Python looks forcoding:name orcoding=name in the comment.

If you don’t include such a comment, the default encoding used will be ASCII.Versions of Python before 2.4 were Euro-centric and assumed Latin-1 as a defaultencoding for string literals; in Python 2.4, characters greater than 127 stillwork but result in a warning. For example, the following program has noencoding declaration:

#!/usr/bin/env pythonu=u'abcdé'printord(u[-1])

When you run it with Python 2.4, it will output the following warning:

amk:~$ python2.4 p263.pysys:1: DeprecationWarning: Non-ASCII character '\xe9'     in file p263.py on line 2, but no encoding declared;     see https://www.python.org/peps/pep-0263.html for details

Python 2.5 and higher are stricter and will produce a syntax error:

amk:~$ python2.5 p263.pyFile "/tmp/p263.py", line 2SyntaxError: Non-ASCII character '\xc3' in file /tmp/p263.py  on line 2, but no encoding declared; see  https://www.python.org/peps/pep-0263.html for details

Unicode Properties¶

The Unicode specification includes a database of information about code points.For each code point that’s defined, the information includes the character’sname, its category, the numeric value if applicable (Unicode has charactersrepresenting the Roman numerals and fractions such as one-third andfour-fifths). There are also properties related to the code point’s use inbidirectional text and other display-related properties.

The following program displays some information about several characters, andprints the numeric value of one particular character:

importunicodedatau=unichr(233)+unichr(0x0bf2)+unichr(3972)+unichr(6000)+unichr(13231)fori,cinenumerate(u):printi,'%04x'%ord(c),unicodedata.category(c),printunicodedata.name(c)# Get numeric value of second characterprintunicodedata.numeric(u[1])

When run, this prints:

000e9LlLATINSMALLLETTEREWITHACUTE10bf2NoTAMILNUMBERONETHOUSAND20f84MnTIBETANMARKHALANTA31770LoTAGBANWALETTERSA433afSoSQUARERADOVERSSQUARED1000.0

The category codes are abbreviations describing the nature of the character.These are grouped into categories such as “Letter”, “Number”, “Punctuation”, or“Symbol”, which in turn are broken up into subcategories. To take the codesfrom the above output,'Ll' means ‘Letter, lowercase’,'No' means“Number, other”,'Mn' is “Mark, nonspacing”, and'So' is “Symbol,other”. See<http://www.unicode.org/reports/tr44/#General_Category_Values> for alist of category codes.

References¶

The Unicode and 8-bit string types are described in the Python library referenceatSequence Types — str, unicode, list, tuple, bytearray, buffer, xrange.

The documentation for theunicodedata module.

The documentation for thecodecs module.

Marc-André Lemburg gave a presentation at EuroPython 2002 titled “Python andUnicode”. A PDF version of his slides is available at<https://downloads.egenix.com/python/Unicode-EPC2002-Talk.pdf>, and is anexcellent overview of the design of Python’s Unicode features.

Unicode filenames¶

Most of the operating systems in common use today support filenames that containarbitrary Unicode characters. Usually this is implemented by converting theUnicode string into some encoding that varies depending on the system. Forexample, Mac OS X uses UTF-8 while Windows uses a configurable encoding; onWindows, Python uses the name “mbcs” to refer to whatever the currentlyconfigured encoding is. On Unix systems, there will only be a filesystemencoding if you’ve set theLANG orLC_CTYPE environment variables; ifyou haven’t, the default encoding is ASCII.

Thesys.getfilesystemencoding() function returns the encoding to use onyour current system, in case you want to do the encoding manually, but there’snot much reason to bother. When opening a file for reading or writing, you canusually just provide the Unicode string as the filename, and it will beautomatically converted to the right encoding for you:

filename=u'filename\u4500abc'f=open(filename,'w')f.write('blah\n')f.close()

Functions in theos module such asos.stat() will also accept Unicodefilenames.

os.listdir(), which returns filenames, raises an issue: should it returnthe Unicode version of filenames, or should it return 8-bit strings containingthe encoded versions?os.listdir() will do both, depending on whether youprovided the directory path as an 8-bit string or a Unicode string. If you passa Unicode string as the path, filenames will be decoded using the filesystem’sencoding and a list of Unicode strings will be returned, while passing an 8-bitpath will return the 8-bit versions of the filenames. For example, assuming thedefault filesystem encoding is UTF-8, running the following program:

fn=u'filename\u4500abc'f=open(fn,'w')f.close()importosprintos.listdir('.')printos.listdir(u'.')

will produce the following output:

amk:~$ python t.py['.svn', 'filename\xe4\x94\x80abc', ...][u'.svn', u'filename\u4500abc', ...]

The first list contains UTF-8-encoded filenames, and the second list containsthe Unicode versions.

Tips for Writing Unicode-aware Programs¶

This section provides some suggestions on writing software that deals withUnicode.

The most important tip is:

Software should only work with Unicode strings internally, converting to aparticular encoding on output.

If you attempt to write processing functions that accept both Unicode and 8-bitstrings, you will find your program vulnerable to bugs wherever you combine thetwo different kinds of strings. Python’s default encoding is ASCII, so whenevera character with an ASCII value > 127 is in the input data, you’ll get aUnicodeDecodeError because that character can’t be handled by the ASCIIencoding.

It’s easy to miss such problems if you only test your software with data thatdoesn’t contain any accents; everything will seem to work, but there’s actuallya bug in your program waiting for the first user who attempts to use characters> 127. A second tip, therefore, is:

Include characters > 127 and, even better, characters > 255 in your testdata.

When using data coming from a web browser or some other untrusted source, acommon technique is to check for illegal characters in a string before using thestring in a generated command line or storing it in a database. If you’re doingthis, be careful to check the string once it’s in the form that will be used orstored; it’s possible for encodings to be used to disguise characters. This isespecially true if the input data also specifies the encoding; many encodingsleave the commonly checked-for characters alone, but Python includes someencodings such as'base64' that modify every single character.

For example, let’s say you have a content management system that takes a Unicodefilename, and you want to disallow paths with a ‘/’ character. You might writethis code:

defread_file(filename,encoding):if'/'infilename:raiseValueError("'/' not allowed in filenames")unicode_name=filename.decode(encoding)f=open(unicode_name,'r')# ... return contents of file ...

However, if an attacker could specify the'base64' encoding, they could pass'L2V0Yy9wYXNzd2Q=', which is the base-64 encoded form of the string'/etc/passwd', to read a system file. The above code looks for'/'characters in the encoded form and misses the dangerous character in theresulting decoded form.

References¶

The PDF slides for Marc-André Lemburg’s presentation “Writing Unicode-awareApplications in Python” are available at<https://downloads.egenix.com/python/LSM2005-Developing-Unicode-aware-applications-in-Python.pdf>and discuss questions of character encodings as well as how to internationalizeand localize an application.