<p>使用标准库中的<a href="http://docs.python.org/library/zipfile.html">^{<cd1>}</a>模块:</p>
<pre><code>import zipfile,os.path
def unzip(source_filename, dest_dir):
with zipfile.ZipFile(source_filename) as zf:
for member in zf.infolist():
# Path traversal defense copied from
# http://hg.python.org/cpython/file/tip/Lib/http/server.py#l789
words = member.filename.split('/')
path = dest_dir
for word in words[:-1]:
while True:
drive, word = os.path.splitdrive(word)
head, word = os.path.split(word)
if not drive:
break
if word in (os.curdir, os.pardir, ''):
continue
path = os.path.join(path, word)
zf.extract(member, path)
</code></pre>
<p>注意,使用<a href="http://docs.python.org/library/zipfile.html#zipfile.ZipFile.extractall">^{<cd2>}</a>要短得多,但是在Python 2.7.4之前,该方法不会对<a href="http://en.wikipedia.org/wiki/Path_traversal">path traversal vulnerabilities</a>进行保护。如果你能保证你的代码运行在最新版本的Python上。</p>