summaryrefslogtreecommitdiffstats
path: root/dom/locales/en-US/chrome/security
diff options
context:
space:
mode:
Diffstat (limited to 'dom/locales/en-US/chrome/security')
-rw-r--r--dom/locales/en-US/chrome/security/csp.properties107
-rw-r--r--dom/locales/en-US/chrome/security/security.properties2
2 files changed, 96 insertions, 13 deletions
diff --git a/dom/locales/en-US/chrome/security/csp.properties b/dom/locales/en-US/chrome/security/csp.properties
index 5fc7bcfdf5..f077bc8ab0 100644
--- a/dom/locales/en-US/chrome/security/csp.properties
+++ b/dom/locales/en-US/chrome/security/csp.properties
@@ -3,20 +3,103 @@
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
# CSP Warnings:
-# LOCALIZATION NOTE (CSPViolation):
-# %1$S is the reason why the resource has not been loaded.
-CSPViolation = The page’s settings blocked the loading of a resource: %1$S
-# LOCALIZATION NOTE (CSPViolationWithURI):
-# %1$S is the directive that has been violated.
+
+# LOCALIZATION NOTE (CSPInlineStyleViolation):
+# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'")
+# %2$S is the type of directive used by the resource (e.g. style-src-elem)
+CSPInlineStyleViolation = The page’s settings blocked an inline style (%2$S) from being applied because it violates the following directive: “%1$S”
+# LOCALIZATION NOTE (CSPROInlineStyleViolation):
+# Don't translate "Report-Only" as it's part of the name Content-Security-Policy-Report-Only.
+# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'")
+# %2$S is the type of directive used by the resource (e.g. style-src-elem)
+CSPROInlineStyleViolation = (Report-Only policy) The page’s settings would block an inline style (%2$S) from being applied because it violates the following directive: “%1$S”
+# LOCALIZATION NOTE (CSPInlineScriptViolation):
+# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'")
+# %2$S is the type of directive used by the resource (e.g. script-src-elem)
+CSPInlineScriptViolation = The page’s settings blocked an inline script (%2$S) from being executed because it violates the following directive: “%1$S”
+# LOCALIZATION NOTE (CSPROInlineScriptViolation):
+# Don't translate "Report-Only" as it's part of the name Content-Security-Policy-Report-Only.
+# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'")
+# %2$S is the type of directive used by the resource (e.g. script-src-elem)
+CSPROInlineScriptViolation = (Report-Only policy) The page’s settings would block an inline script (%2$S) from being executed because it violates the following directive: “%1$S”
+# LOCALIZATION NOTE (CSPEventHandlerScriptViolation):
+# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'")
+# %2$S is the type of directive used by the resource (e.g. script-src-attr)
+CSPEventHandlerScriptViolation = The page’s settings blocked an event handler (%2$S) from being executed because it violates the following directive: “%1$S”
+# LOCALIZATION NOTE (CSPROEventHandlerScriptViolation):
+# Don't translate "Report-Only" as it's part of the name Content-Security-Policy-Report-Only.
+# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'")
+# %2$S is the type of directive used by the resource (e.g. script-src-attr)
+CSPROEventHandlerScriptViolation = (Report-Only policy) The page’s settings would block an event handler (%2$S) from being executed because it violates the following directive: “%1$S”
+# LOCALIZATION NOTE (CSPEvalScriptViolation):
+# Don't translate/change "'unsafe-eval'", including the single quote.
+# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'")
+# %2$S is the type of directive used by the resource (e.g. script-src)
+CSPEvalScriptViolation = The page’s settings blocked a JavaScript eval (%2$S) from being executed because it violates the following directive: “%1$S” (Missing 'unsafe-eval')
+# LOCALIZATION NOTE (CSPROEvalScriptViolation):
+# Don't translate "Report-Only" as it's part of the name Content-Security-Policy-Report-Only.
+# Don't translate/change "'unsafe-eval'", including the single quote.
+# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'")
+# %2$S is the type of directive used by the resource (e.g. script-src)
+CSPROEvalScriptViolation = (Report-Only policy) The page’s settings would block a JavaScript eval (%2$S) from being executed because it violates the following directive: “%1$S” (Missing 'unsafe-eval')
+# LOCALIZATION NOTE (CSPWasmEvalScriptViolation):
+# WebAssembly is a feature name.
+# Don't translate/change "'wasm-unsafe-eval'" or "'unsafe-eval'", including the single quote.
+# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'")
+# %2$S is the type of directive used by the resource (e.g. script-src)
+CSPWasmEvalScriptViolation = The page’s settings blocked WebAssembly (%2$S) from being executed because it violates the following directive: “%1$S” (Missing 'wasm-unsafe-eval' or 'unsafe-eval')
+# LOCALIZATION NOTE (CSPROWasmEvalScriptViolation):
+# Don't translate "Report-Only" as it's part of the name Content-Security-Policy-Report-Only.
+# WebAssembly is a feature name.
+# Don't translate/change "'wasm-unsafe-eval'" or "'unsafe-eval'", including the single quote.
+# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'")
+# %2$S is the type of directive used by the resource (e.g. script-src)
+CSPROWasmEvalScriptViolation = (Report-Only policy) The page’s settings would block WebAssembly (%2$S) from being executed because it violates the following directive: “%1$S” (Missing 'wasm-unsafe-eval' or 'unsafe-eval')
+# LOCALIZATION NOTE (CSPStyleViolation):
+# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'")
+# %2$S is the URI of the resource which violated the directive.
+# %3$S is the type of directive used by the resource (e.g. style-src)
+CSPStyleViolation = The page’s settings blocked a style (%3$S) at %2$S from being applied because it violates the following directive: “%1$S”
+# LOCALIZATION NOTE (CSPROStyleViolation):
+# Don't translate "Report-Only" as it's part of the name Content-Security-Policy-Report-Only.
+# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'")
+# %2$S is the URI of the resource which violated the directive.
+# %3$S is the type of directive used by the resource (e.g. style-src)
+CSPROStyleViolation = (Report-Only policy) The page’s settings would block a style (%3$S) at %2$S from being applied because it violates the following directive: “%1$S”
+# LOCALIZATION NOTE (CSPScriptViolation):
+# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'")
+# %2$S is the URI of the resource which violated the directive.
+# %3$S is the type of directive used by the resource (e.g. script-src-elem)
+CSPScriptViolation = The page’s settings blocked a script (%3$S) at %2$S from being executed because it violates the following directive: “%1$S”
+# LOCALIZATION NOTE (CSPROScriptViolation):
+# Don't translate "Report-Only" as it's part of the name Content-Security-Policy-Report-Only.
+# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'")
# %2$S is the URI of the resource which violated the directive.
-CSPViolationWithURI = The page’s settings blocked the loading of a resource at %2$S (“%1$S”).
-# LOCALIZATION NOTE (CSPROViolation):
-# %1$S is the reason why the resource has not been loaded.
-CSPROViolation = A violation occurred for a report-only CSP policy (“%1$S”). The behavior was allowed, and a CSP report was sent.
-# LOCALIZATION NOTE (CSPROViolationWithURI):
-# %1$S is the directive that has been violated.
+# %3$S is the type of directive used by the resource (e.g. script-src-elem)
+CSPROScriptViolation = (Report-Only policy) The page’s settings would block a script (%3$S) at %2$S from being executed because it violates the following directive: “%1$S”
+# LOCALIZATION NOTE (CSPWorkerViolation):
+# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'")
# %2$S is the URI of the resource which violated the directive.
-CSPROViolationWithURI = The page’s settings observed the loading of a resource at %2$S (“%1$S”). A CSP report is being sent.
+# %3$S is the type of directive used by the resource (e.g. worker-src)
+CSPWorkerViolation = The page’s settings blocked a worker script (%3$S) at %2$S from being executed because it violates the following directive: “%1$S”
+# LOCALIZATION NOTE (CSPROWorkerViolation):
+# Don't translate "Report-Only" as it's part of the name Content-Security-Policy-Report-Only.
+# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'")
+# %2$S is the URI of the resource which violated the directive.
+# %3$S is the type of directive used by the resource (e.g. worker-src)
+CSPROWorkerViolation = (Report-Only policy) The page’s settings would block a worker script (%3$S) at %2$S from being executed because it violates the following directive: “%1$S”
+# LOCALIZATION NOTE (CSPGenericViolation):
+# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'")
+# %2$S is the URI of the resource which violated the directive.
+# %3$S is the type of directive used by the resource (e.g. image-src)
+CSPGenericViolation = The page’s settings blocked the loading of a resource (%3$S) at %2$S because it violates the following directive: “%1$S”
+# LOCALIZATION NOTE (CSPROGenericViolation):
+# Don't translate "Report-Only" as it's part of the name Content-Security-Policy-Report-Only.
+# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'")
+# %2$S is the URI of the resource which violated the directive.
+# %3$S is the type of directive used by the resource (e.g. image-src)
+CSPROGenericViolation = (Report-Only policy) The page’s settings would block the loading of a resource (%3$S) at %2$S because it violates the following directive: “%1$S”
+
# LOCALIZATION NOTE (triedToSendReport):
# %1$S is the URI we attempted to send a report to.
triedToSendReport = Tried to send report to invalid URI: “%1$S”
diff --git a/dom/locales/en-US/chrome/security/security.properties b/dom/locales/en-US/chrome/security/security.properties
index c19fc2d2bf..fc58fe4f7d 100644
--- a/dom/locales/en-US/chrome/security/security.properties
+++ b/dom/locales/en-US/chrome/security/security.properties
@@ -44,7 +44,7 @@ LoadingMixedActiveContent2=Loading mixed (insecure) active content “%1$S” on
LoadingMixedDisplayContent2=Loading mixed (insecure) display content “%1$S” on a secure page
LoadingMixedDisplayObjectSubrequestDeprecation=Loading mixed (insecure) content “%1$S” within a plugin on a secure page is discouraged and will be blocked soon.
# LOCALIZATION NOTE: "%S" is the URI of the insecure mixed content download
-MixedContentBlockedDownload = Blocked downloading insecure content “%S”.
+BlockedInsecureDownload = We blocked a download that’s not secure: “%S”.
# LOCALIZATION NOTE: Do not translate "allow-scripts", "allow-same-origin", "sandbox" or "iframe"
BothAllowScriptsAndSameOriginPresent=An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.