Skip to content

Translate library/xml.po #604

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Aug 24, 2023
Merged

Translate library/xml.po #604

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
67b30ee
translate `library/xml.po`
mattwang44 Aug 20, 2023
7575588
Apply suggestions from code review
mattwang44 Aug 23, 2023
6125052
fix(library/xml): update based on reviewer's comment
mattwang44 Aug 23, 2023
ed0020d
fix(library/xml): modify based on review comment
mattwang44 Aug 24, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
97 changes: 66 additions & 31 deletions library/xml.po
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,16 +1,16 @@
# SOME DESCRIPTIVE TITLE.
# Copyright (C) 2001-2022, Python Software Foundation
# Copyright (C) 2001-2023, Python Software Foundation
# This file is distributed under the same license as the Python package.
#
# Translators:
# Leon H., 2017
# Matt Wang <mattwang44@gmail.com>, 2023
msgid ""
msgstr ""
"Project-Id-Version: Python 3.12\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2023-07-29 10:36+0000\n"
"PO-Revision-Date: 2018-05-23 16:16+0000\n"
"Last-Translator: Adrian Liaw <adrianliaw2000@gmail.com>\n"
"PO-Revision-Date: 2023-08-21 02:16+0000\n"
"Last-Translator: Matt Wang <mattwang44@gmail.com>\n"
"Language-Team: Chinese - TAIWAN (https://github.com/python/python-docs-zh-"
"tw)\n"
"Language: zh_TW\n"
Expand All @@ -30,14 +30,16 @@ msgstr "**原始碼:**\\ :source:`Lib/xml/`"
#: ../../library/xml.rst:16
msgid ""
"Python's interfaces for processing XML are grouped in the ``xml`` package."
msgstr ""
msgstr "Python 處理 XML 的介面被歸類於 ``xml`` 套件中。"

#: ../../library/xml.rst:20
msgid ""
"The XML modules are not secure against erroneous or maliciously constructed "
"data. If you need to parse untrusted or unauthenticated data see the :ref:"
"`xml-vulnerabilities` and :ref:`defusedxml-package` sections."
msgstr ""
"XML 模組無法抵禦錯誤或惡意建構的資料。如果你需要剖析不受信任或未經身份驗證的"
"資料,請參閱 :ref:`xml-vulnerabilities` 和 :ref:`defusedxml-package` 段落。"

#: ../../library/xml.rst:25
msgid ""
Expand All @@ -46,46 +48,52 @@ msgid ""
"is included with Python, so the :mod:`xml.parsers.expat` module will always "
"be available."
msgstr ""
"請務必注意 :mod:`xml` 套件中的模組要求至少有一個可用的 SAX 相容 XML 剖析器。"
"Expat 剖析器包含在 Python 中,所以總是可以使用 :mod:`xml.parsers.expat` 模"
"組。"

#: ../../library/xml.rst:30
msgid ""
"The documentation for the :mod:`xml.dom` and :mod:`xml.sax` packages are the "
"definition of the Python bindings for the DOM and SAX interfaces."
msgstr ""
":mod:`xml.dom` 和 :mod:`xml.sax` 套件的文件為 DOM 和 SAX 介面的 Python 繫結的"
"定義。"

#: ../../library/xml.rst:33
msgid "The XML handling submodules are:"
msgstr ""
msgstr "以下是 XML 處理子模組:"

#: ../../library/xml.rst:35
msgid ""
":mod:`xml.etree.ElementTree`: the ElementTree API, a simple and lightweight "
"XML processor"
msgstr ""
":mod:`xml.etree.ElementTree`:ElementTree API,一個簡單且輕量級的 XML 處理器"

#: ../../library/xml.rst:40
msgid ":mod:`xml.dom`: the DOM API definition"
msgstr ""
msgstr ":mod:`xml.dom`:DOM API 定義"

#: ../../library/xml.rst:41
msgid ":mod:`xml.dom.minidom`: a minimal DOM implementation"
msgstr ""
msgstr ":mod:`xml.dom.minidom`:最小的 DOM 實作"

#: ../../library/xml.rst:42
msgid ":mod:`xml.dom.pulldom`: support for building partial DOM trees"
msgstr ""
msgstr ":mod:`xml.dom.pulldom`:支援建置部分 DOM 樹"

#: ../../library/xml.rst:46
msgid ":mod:`xml.sax`: SAX2 base classes and convenience functions"
msgstr ""
msgstr ":mod:`xml.sax`:SAX2 基底類別和便利函式"

#: ../../library/xml.rst:47
msgid ":mod:`xml.parsers.expat`: the Expat parser binding"
msgstr ""
msgstr ":mod:`xml.parsers.expat`:Expat 剖析器繫結"

#: ../../library/xml.rst:53
msgid "XML vulnerabilities"
msgstr ""
msgstr "XML 漏洞"

#: ../../library/xml.rst:55
msgid ""
Expand All @@ -94,16 +102,19 @@ msgid ""
"attacks, access local files, generate network connections to other machines, "
"or circumvent firewalls."
msgstr ""
"XML 處理模組無法抵禦惡意建構的資料。攻擊者可以濫用 XML 功能來執行阻斷服務攻"
"擊 (denial of service attack)、存取本地檔案、生成與其他機器的網路連接或繞過防"
"火牆。"

#: ../../library/xml.rst:60
msgid ""
"The following table gives an overview of the known attacks and whether the "
"various modules are vulnerable to them."
msgstr ""
msgstr "下表概述了已知的攻擊以及各個模組是否易有漏洞。"

#: ../../library/xml.rst:64
msgid "kind"
msgstr ""
msgstr "種類"

#: ../../library/xml.rst:64
msgid "sax"
Expand All @@ -127,51 +138,51 @@ msgstr "xmlrpc"

#: ../../library/xml.rst:66
msgid "billion laughs"
msgstr ""
msgstr "十億笑聲 (billion laughs)"

#: ../../library/xml.rst:66 ../../library/xml.rst:67
msgid "**Vulnerable** (1)"
msgstr ""
msgstr "**脆弱** (1)"

#: ../../library/xml.rst:67
msgid "quadratic blowup"
msgstr ""
msgstr "二次爆炸 (quadratic blowup)"

#: ../../library/xml.rst:68 ../../library/xml.rst:103
msgid "external entity expansion"
msgstr ""
msgstr "外部實體擴展 (external entity expansion)"

#: ../../library/xml.rst:68 ../../library/xml.rst:69
msgid "Safe (5)"
msgstr ""
msgstr "安全 (5)"

#: ../../library/xml.rst:68
msgid "Safe (2)"
msgstr ""
msgstr "安全 (2)"

#: ../../library/xml.rst:68
msgid "Safe (3)"
msgstr ""
msgstr "安全 (3)"

#: ../../library/xml.rst:68
msgid "Safe (4)"
msgstr ""
msgstr "安全 (4)"

#: ../../library/xml.rst:69 ../../library/xml.rst:108
msgid "`DTD`_ retrieval"
msgstr ""
msgstr "`DTD`_ 檢索"

#: ../../library/xml.rst:69 ../../library/xml.rst:70
msgid "Safe"
msgstr ""
msgstr "安全"

#: ../../library/xml.rst:70 ../../library/xml.rst:115
msgid "decompression bomb"
msgstr ""
msgstr "解壓縮炸彈 (decompression bomb)"

#: ../../library/xml.rst:70
msgid "**Vulnerable**"
msgstr ""
msgstr "**脆弱**"

#: ../../library/xml.rst:73
msgid ""
Expand All @@ -180,32 +191,37 @@ msgid ""
"to potential reliance on system-provided libraries. Check :const:`pyexpat."
"EXPAT_VERSION`."
msgstr ""
"Expat 2.4.1 及更新的版本不易受到「十億笑聲」和「二次爆炸」漏洞的影響。但仍可"
"能由於依賴系統提供的函式庫而被列為易受攻擊的項目。請檢查 :const:`pyexpat."
"EXPAT_VERSION`。"

#: ../../library/xml.rst:77
msgid ""
":mod:`xml.etree.ElementTree` doesn't expand external entities and raises a :"
"exc:`~xml.etree.ElementTree.ParseError` when an entity occurs."
msgstr ""
":mod:`xml.etree.ElementTree` 不會擴展外部實體,並在實體出現時引發 :exc:`~xml."
"etree.ElementTree.ParseError`。"

#: ../../library/xml.rst:79
msgid ""
":mod:`xml.dom.minidom` doesn't expand external entities and simply returns "
"the unexpanded entity verbatim."
msgstr ""
msgstr ":mod:`xml.dom.minidom` 不會擴展外部實體,只會逐字回傳未擴展的實體。"

#: ../../library/xml.rst:81
msgid ":mod:`xmlrpc.client` doesn't expand external entities and omits them."
msgstr ""
msgstr ":mod:`xmlrpc.client` 不會擴展外部實體且會忽略它們。"

#: ../../library/xml.rst:82
msgid ""
"Since Python 3.7.1, external general entities are no longer processed by "
"default."
msgstr ""
msgstr "從 Python 3.7.1 開始,預設情況下不再處理外部通用實體。"

#: ../../library/xml.rst:91
msgid "billion laughs / exponential entity expansion"
msgstr ""
msgstr "十億笑聲 / 指數實體擴展"

#: ../../library/xml.rst:87
msgid ""
Expand All @@ -215,10 +231,13 @@ msgid ""
"string. The exponential expansion results in several gigabytes of text and "
"consumes lots of memory and CPU time."
msgstr ""
"`十億笑聲 <Billion Laughs_>`_\\ 攻擊(也稱為指數實體擴展 (exponential entity "
"expansion))使用多層巢狀實體。每個實體多次引用另一個實體,最終的實體定義包含"
"一個小字串。指數擴展會產生數 GB 的文本,並消耗大量記憶體和 CPU 時間。"

#: ../../library/xml.rst:98
msgid "quadratic blowup entity expansion"
msgstr ""
msgstr "二次爆炸實體擴展"

#: ../../library/xml.rst:94
msgid ""
Expand All @@ -228,20 +247,27 @@ msgid ""
"isn't as efficient as the exponential case but it avoids triggering parser "
"countermeasures that forbid deeply nested entities."
msgstr ""
"二次爆炸攻擊類似於\\ `十億笑聲 <Billion Laughs_>`_\\ 攻擊;它也濫用實體擴展。"
"它不是巢狀實體,而是一遍又一遍地重複一個具有幾千個字元的大型實體。該攻擊不如"
"指數擴展那麼有效率,但它不會觸發那些用來防止深度巢狀實體的剖析器對策。"

#: ../../library/xml.rst:101
msgid ""
"Entity declarations can contain more than just text for replacement. They "
"can also point to external resources or local files. The XML parser accesses "
"the resource and embeds the content into the XML document."
msgstr ""
"實體聲明不僅僅可以包含用於替換的文本,它們還可以指向外部資源或本地檔案。XML "
"剖析器會存取資源並將內容嵌入到 XML 文件中。"

#: ../../library/xml.rst:106
msgid ""
"Some XML libraries like Python's :mod:`xml.dom.pulldom` retrieve document "
"type definitions from remote or local locations. The feature has similar "
"implications as the external entity expansion issue."
msgstr ""
"一些 XML 函式庫(例如 Python 的 :mod:`xml.dom.pulldom`)從遠端或本地位置檢索"
"文件類型定義。該功能與外部實體擴展問題具有類似的含義。"

#: ../../library/xml.rst:111
msgid ""
Expand All @@ -250,12 +276,17 @@ msgid ""
"files. For an attacker it can reduce the amount of transmitted data by three "
"magnitudes or more."
msgstr ""
"解壓縮炸彈(又名 `ZIP bomb`_\\ )適用於所有可以剖析壓縮 XML 串流(例如 gzip "
"壓縮的 HTTP 串流或 LZMA 壓縮檔案)的 XML 函式庫。對於攻擊者來說,它可以將傳輸"
"的資料量減少三個或更多數量級。"

#: ../../library/xml.rst:117
msgid ""
"The documentation for `defusedxml`_ on PyPI has further information about "
"all known attack vectors with examples and references."
msgstr ""
"PyPI 上的 `defusedxml`_ 文件包含有關所有已知攻擊媒介 (attack vector) 的更多資"
"訊以及範例和參考資料。"

#: ../../library/xml.rst:123
msgid "The :mod:`!defusedxml` Package"
Expand All @@ -269,3 +300,7 @@ msgid ""
"data. The package also ships with example exploits and extended "
"documentation on more XML exploits such as XPath injection."
msgstr ""
"`defusedxml`_ 是一個純 Python 套件,其中包含所有標準函式庫中 XML 剖析器的修正"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

好奇問一下,這邊的 defusedxml 和上面的 ZIP bomb 都是用 ``_ 包起來,
那顯示的時候它怎麼知道哪個是要查 wiki 哪個是要連到 pypi?

Copy link
Collaborator Author

@mattwang44 mattwang44 Aug 24, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

這是寫在 CPython 內的 rst 原檔中。rst 的幾種 external link 寫法都跟 markdown 的類似,其中一種寫法是另外註記網址,而這邊的 defusedxml 只是個 tag。(但是在 parse 出該被翻譯的句子時這部分就會被忽略,所以 po 檔裡面沒有網址)

image

"版本子類別,可防止任何潛在的惡意操作。當伺服器程式會剖析任何不受信任的 XML 資"
"料時建議使用此套件。該套件還附帶了更多有關 XML 漏洞(例如 XPath 注入)的範例"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

這邊範例漏洞 改成 漏洞範例 或者範例 會不會比較通順一點?

"和延伸文件。"