python xml

These days, the most popular (and very simple) option is the ElementTree API, which has been included in the standard library since Python 2.5.

The available options for that are:

ElementTree (Basic, pure-Python implementation of ElementTree. Part of the standard library since 2.5)
cElementTree (Optimized C implementation of ElementTree. Also offered in the standard library since 2.5)
LXML (Based on libxml2. Offers a rich superset of the ElementTree API as well XPath, CSS Selectors, and more)
Here’s an example of how to generate your example document using the in-stdlib cElementTree:

import xml.etree.cElementTree as ET

root = ET.Element(“root”)
doc = ET.SubElement(root, “doc”)

ET.SubElement(doc, “field1”, name=”blah”).text = “some value1”
ET.SubElement(doc, “field2”, name=”asdfasd”).text = “some vlaue2”

tree = ET.ElementTree(root)
tree.write(“filename.xml”)

I suggest ElementTree. There are other compatible implementations of the same API, such as lxml, and cElementTree in the Python standard library itself; but, in this context, what they chiefly add is even more speed – the ease of programming part depends on the API, which ElementTree defines.

After building an Element instance e from the XML, e.g. with the XML function, or by parsing a file with something like

import xml.etree.ElementTree
e = xml.etree.ElementTree.parse(‘thefile.xml’).getroot()
or any of the many other ways shown at ElementTree, you just do something like:

for atype in e.findall(‘type’):
print(atype.get(‘foobar’))
and similar, usually pretty simple, code patterns.

Seems that ElementTree has some vulnerability issues, this is a quote from the docs: Warning The xml.etree.ElementTree module is not secure against maliciously constructed data. If you need to parse untrusted or unauthenticated data see XML vulnerabilities.