显示 Python 中 JSON 响应的特定字段(通过解析)
Display Specific Fields (Through Parse) from JSON response in Python
我希望在 cli 的打印列表中显示从以下 URL 返回的 JSON 响应中的特定字段:
我可以这样使用请求库输出 JSON 响应:
import urllib, json
url = "http://www.cvedetails.com/json-feed.php?numrows=5&vendor_id=26&product_id=0&version_id=0&hasexp=1&opec=1&opov=1&opcsrf=1&opfileinc=1&opgpriv=0&opsqli=1&opxss=0&opdirt=0&opmemc=0&ophttprs=0&opbyp=0&opginf=0&opdos=0&orderby=2&cvssscoremin=0"
response = urllib.urlopen();
data = json.loads(response.read())
print data
但是我不确定将变量放在哪里来告诉打印数据命令要显示哪些特定字段。
JSON 响应是这样形成的,每个值前面都有一个 'u' 标记:
{u'update_date': u'2014-11-18', u'cve_id': u'CVE-2014-4114', u'exploit_count': u'3', u'summary': u'Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."', u'url': u'http://www.cvedetails.com/cve/CVE-2014-4114/', u'publish_date': u'2014-10-15', u'cvss_score': u'9.3', u'cwe_id': u'20'}`
我希望有这样的列表视图:
update_date:
cve_id:
exploit_count:
等...
u'...' 语法意味着您拥有 Unicode 字符串。它们很像常规的 '...' 字符串;当内容只是 ASCII 文本时,没有区别。你在这里有一个 list 词典,所以索引每个单独的词典然后只使用字符串作为键:
print data[0]['update_date']
打印特定值,或遍历所有字典项目:
for index, entry in enumerate(data, 1):
print 'Item {}'.format(index)
for name, value in entry.items():
print ' {}: {}'.format(name, value)
我使用 str.format() 模板在键名后用冒号打印每个项目,并使用 enumerate() 给每个项目一个编号。
使用您提供的 URL 中的数据进行演示:
>>> for index, entry in enumerate(data, 1):
... print 'Item {}'.format(index)
... for name, value in entry.items():
... print ' {}: {}'.format(name, value)
...
Item 1
update_date: 2014-11-18
cve_id: CVE-2014-4114
exploit_count: 3
summary: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."
url: http://www.cvedetails.com/cve/CVE-2014-4114/
publish_date: 2014-10-15
cvss_score: 9.3
cwe_id: 20
Item 2
update_date: 2014-05-16
cve_id: CVE-2014-0322
exploit_count: 2
summary: Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via vectors involving crafted JavaScript code, CMarkup, and the onpropertychange attribute of a script element, as exploited in the wild in January and February 2014.
url: http://www.cvedetails.com/cve/CVE-2014-0322/
publish_date: 2014-02-14
cvss_score: 9.3
cwe_id: 399
Item 3
update_date: 2014-04-14
cve_id: CVE-2014-2671
exploit_count: 1
summary: Microsoft Windows Media Player (WMP) 11.0.5721.5230 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted WAV file.
url: http://www.cvedetails.com/cve/CVE-2014-2671/
publish_date: 2014-03-31
cvss_score: 6.8
cwe_id: 119
Item 4
update_date: 2014-03-26
cve_id: CVE-2014-0307
exploit_count: 1
summary: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a certain sequence of manipulations of a TextRange element, aka "Internet Explorer Memory Corruption Vulnerability."
url: http://www.cvedetails.com/cve/CVE-2014-0307/
publish_date: 2014-03-12
cvss_score: 9.3
cwe_id: 119
Item 5
update_date: 2014-01-17
cve_id: CVE-2013-3906
exploit_count: 1
summary: GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Word document, and exploited in the wild in October and November 2013.
url: http://www.cvedetails.com/cve/CVE-2013-3906/
publish_date: 2013-11-06
cvss_score: 9.3
cwe_id: 94
请注意,发布的代码不会 运行 因为您实际上并未将 URL 传递给 urllib.urlopen() 函数:
url = "http://www.cvedetails.com/json-feed.php?numrows=5&vendor_id=26&product_id=0&version_id=0&hasexp=1&opec=1&opov=1&opcsrf=1&opfileinc=1&opgpriv=0&opsqli=1&opxss=0&opdirt=0&opmemc=0&ophttprs=0&opbyp=0&opginf=0&opdos=0&orderby=2&cvssscoremin=0"
response = urllib.urlopen();
分号也不需要;改为传入 url 参数:
response = urllib.urlopen(url)
我希望在 cli 的打印列表中显示从以下 URL 返回的 JSON 响应中的特定字段:
我可以这样使用请求库输出 JSON 响应:
import urllib, json
url = "http://www.cvedetails.com/json-feed.php?numrows=5&vendor_id=26&product_id=0&version_id=0&hasexp=1&opec=1&opov=1&opcsrf=1&opfileinc=1&opgpriv=0&opsqli=1&opxss=0&opdirt=0&opmemc=0&ophttprs=0&opbyp=0&opginf=0&opdos=0&orderby=2&cvssscoremin=0"
response = urllib.urlopen();
data = json.loads(response.read())
print data
但是我不确定将变量放在哪里来告诉打印数据命令要显示哪些特定字段。
JSON 响应是这样形成的,每个值前面都有一个 'u' 标记:
{u'update_date': u'2014-11-18', u'cve_id': u'CVE-2014-4114', u'exploit_count': u'3', u'summary': u'Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."', u'url': u'http://www.cvedetails.com/cve/CVE-2014-4114/', u'publish_date': u'2014-10-15', u'cvss_score': u'9.3', u'cwe_id': u'20'}`
我希望有这样的列表视图:
update_date:
cve_id:
exploit_count:
等...
u'...' 语法意味着您拥有 Unicode 字符串。它们很像常规的 '...' 字符串;当内容只是 ASCII 文本时,没有区别。你在这里有一个 list 词典,所以索引每个单独的词典然后只使用字符串作为键:
print data[0]['update_date']
打印特定值,或遍历所有字典项目:
for index, entry in enumerate(data, 1):
print 'Item {}'.format(index)
for name, value in entry.items():
print ' {}: {}'.format(name, value)
我使用 str.format() 模板在键名后用冒号打印每个项目,并使用 enumerate() 给每个项目一个编号。
使用您提供的 URL 中的数据进行演示:
>>> for index, entry in enumerate(data, 1):
... print 'Item {}'.format(index)
... for name, value in entry.items():
... print ' {}: {}'.format(name, value)
...
Item 1
update_date: 2014-11-18
cve_id: CVE-2014-4114
exploit_count: 3
summary: Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."
url: http://www.cvedetails.com/cve/CVE-2014-4114/
publish_date: 2014-10-15
cvss_score: 9.3
cwe_id: 20
Item 2
update_date: 2014-05-16
cve_id: CVE-2014-0322
exploit_count: 2
summary: Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via vectors involving crafted JavaScript code, CMarkup, and the onpropertychange attribute of a script element, as exploited in the wild in January and February 2014.
url: http://www.cvedetails.com/cve/CVE-2014-0322/
publish_date: 2014-02-14
cvss_score: 9.3
cwe_id: 399
Item 3
update_date: 2014-04-14
cve_id: CVE-2014-2671
exploit_count: 1
summary: Microsoft Windows Media Player (WMP) 11.0.5721.5230 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted WAV file.
url: http://www.cvedetails.com/cve/CVE-2014-2671/
publish_date: 2014-03-31
cvss_score: 6.8
cwe_id: 119
Item 4
update_date: 2014-03-26
cve_id: CVE-2014-0307
exploit_count: 1
summary: Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a certain sequence of manipulations of a TextRange element, aka "Internet Explorer Memory Corruption Vulnerability."
url: http://www.cvedetails.com/cve/CVE-2014-0307/
publish_date: 2014-03-12
cvss_score: 9.3
cwe_id: 119
Item 5
update_date: 2014-01-17
cve_id: CVE-2013-3906
exploit_count: 1
summary: GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Word document, and exploited in the wild in October and November 2013.
url: http://www.cvedetails.com/cve/CVE-2013-3906/
publish_date: 2013-11-06
cvss_score: 9.3
cwe_id: 94
请注意,发布的代码不会 运行 因为您实际上并未将 URL 传递给 urllib.urlopen() 函数:
url = "http://www.cvedetails.com/json-feed.php?numrows=5&vendor_id=26&product_id=0&version_id=0&hasexp=1&opec=1&opov=1&opcsrf=1&opfileinc=1&opgpriv=0&opsqli=1&opxss=0&opdirt=0&opmemc=0&ophttprs=0&opbyp=0&opginf=0&opdos=0&orderby=2&cvssscoremin=0"
response = urllib.urlopen();
分号也不需要;改为传入 url 参数:
response = urllib.urlopen(url)