From fbaf0bb26397aa498eb9156f06d5a6fe34dd7dd8 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 19 Apr 2024 03:14:29 +0200 Subject: Merging upstream version 125.0.1. Signed-off-by: Daniel Baumann --- dom/locales/en-US/chrome/security/csp.properties | 107 ++++++++++++++++++--- .../en-US/chrome/security/security.properties | 2 +- 2 files changed, 96 insertions(+), 13 deletions(-) (limited to 'dom/locales') diff --git a/dom/locales/en-US/chrome/security/csp.properties b/dom/locales/en-US/chrome/security/csp.properties index 5fc7bcfdf5..f077bc8ab0 100644 --- a/dom/locales/en-US/chrome/security/csp.properties +++ b/dom/locales/en-US/chrome/security/csp.properties @@ -3,20 +3,103 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. # CSP Warnings: -# LOCALIZATION NOTE (CSPViolation): -# %1$S is the reason why the resource has not been loaded. -CSPViolation = The page’s settings blocked the loading of a resource: %1$S -# LOCALIZATION NOTE (CSPViolationWithURI): -# %1$S is the directive that has been violated. + +# LOCALIZATION NOTE (CSPInlineStyleViolation): +# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'") +# %2$S is the type of directive used by the resource (e.g. style-src-elem) +CSPInlineStyleViolation = The page’s settings blocked an inline style (%2$S) from being applied because it violates the following directive: “%1$S” +# LOCALIZATION NOTE (CSPROInlineStyleViolation): +# Don't translate "Report-Only" as it's part of the name Content-Security-Policy-Report-Only. +# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'") +# %2$S is the type of directive used by the resource (e.g. style-src-elem) +CSPROInlineStyleViolation = (Report-Only policy) The page’s settings would block an inline style (%2$S) from being applied because it violates the following directive: “%1$S” +# LOCALIZATION NOTE (CSPInlineScriptViolation): +# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'") +# %2$S is the type of directive used by the resource (e.g. script-src-elem) +CSPInlineScriptViolation = The page’s settings blocked an inline script (%2$S) from being executed because it violates the following directive: “%1$S” +# LOCALIZATION NOTE (CSPROInlineScriptViolation): +# Don't translate "Report-Only" as it's part of the name Content-Security-Policy-Report-Only. +# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'") +# %2$S is the type of directive used by the resource (e.g. script-src-elem) +CSPROInlineScriptViolation = (Report-Only policy) The page’s settings would block an inline script (%2$S) from being executed because it violates the following directive: “%1$S” +# LOCALIZATION NOTE (CSPEventHandlerScriptViolation): +# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'") +# %2$S is the type of directive used by the resource (e.g. script-src-attr) +CSPEventHandlerScriptViolation = The page’s settings blocked an event handler (%2$S) from being executed because it violates the following directive: “%1$S” +# LOCALIZATION NOTE (CSPROEventHandlerScriptViolation): +# Don't translate "Report-Only" as it's part of the name Content-Security-Policy-Report-Only. +# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'") +# %2$S is the type of directive used by the resource (e.g. script-src-attr) +CSPROEventHandlerScriptViolation = (Report-Only policy) The page’s settings would block an event handler (%2$S) from being executed because it violates the following directive: “%1$S” +# LOCALIZATION NOTE (CSPEvalScriptViolation): +# Don't translate/change "'unsafe-eval'", including the single quote. +# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'") +# %2$S is the type of directive used by the resource (e.g. script-src) +CSPEvalScriptViolation = The page’s settings blocked a JavaScript eval (%2$S) from being executed because it violates the following directive: “%1$S” (Missing 'unsafe-eval') +# LOCALIZATION NOTE (CSPROEvalScriptViolation): +# Don't translate "Report-Only" as it's part of the name Content-Security-Policy-Report-Only. +# Don't translate/change "'unsafe-eval'", including the single quote. +# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'") +# %2$S is the type of directive used by the resource (e.g. script-src) +CSPROEvalScriptViolation = (Report-Only policy) The page’s settings would block a JavaScript eval (%2$S) from being executed because it violates the following directive: “%1$S” (Missing 'unsafe-eval') +# LOCALIZATION NOTE (CSPWasmEvalScriptViolation): +# WebAssembly is a feature name. +# Don't translate/change "'wasm-unsafe-eval'" or "'unsafe-eval'", including the single quote. +# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'") +# %2$S is the type of directive used by the resource (e.g. script-src) +CSPWasmEvalScriptViolation = The page’s settings blocked WebAssembly (%2$S) from being executed because it violates the following directive: “%1$S” (Missing 'wasm-unsafe-eval' or 'unsafe-eval') +# LOCALIZATION NOTE (CSPROWasmEvalScriptViolation): +# Don't translate "Report-Only" as it's part of the name Content-Security-Policy-Report-Only. +# WebAssembly is a feature name. +# Don't translate/change "'wasm-unsafe-eval'" or "'unsafe-eval'", including the single quote. +# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'") +# %2$S is the type of directive used by the resource (e.g. script-src) +CSPROWasmEvalScriptViolation = (Report-Only policy) The page’s settings would block WebAssembly (%2$S) from being executed because it violates the following directive: “%1$S” (Missing 'wasm-unsafe-eval' or 'unsafe-eval') +# LOCALIZATION NOTE (CSPStyleViolation): +# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'") +# %2$S is the URI of the resource which violated the directive. +# %3$S is the type of directive used by the resource (e.g. style-src) +CSPStyleViolation = The page’s settings blocked a style (%3$S) at %2$S from being applied because it violates the following directive: “%1$S” +# LOCALIZATION NOTE (CSPROStyleViolation): +# Don't translate "Report-Only" as it's part of the name Content-Security-Policy-Report-Only. +# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'") +# %2$S is the URI of the resource which violated the directive. +# %3$S is the type of directive used by the resource (e.g. style-src) +CSPROStyleViolation = (Report-Only policy) The page’s settings would block a style (%3$S) at %2$S from being applied because it violates the following directive: “%1$S” +# LOCALIZATION NOTE (CSPScriptViolation): +# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'") +# %2$S is the URI of the resource which violated the directive. +# %3$S is the type of directive used by the resource (e.g. script-src-elem) +CSPScriptViolation = The page’s settings blocked a script (%3$S) at %2$S from being executed because it violates the following directive: “%1$S” +# LOCALIZATION NOTE (CSPROScriptViolation): +# Don't translate "Report-Only" as it's part of the name Content-Security-Policy-Report-Only. +# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'") # %2$S is the URI of the resource which violated the directive. -CSPViolationWithURI = The page’s settings blocked the loading of a resource at %2$S (“%1$S”). -# LOCALIZATION NOTE (CSPROViolation): -# %1$S is the reason why the resource has not been loaded. -CSPROViolation = A violation occurred for a report-only CSP policy (“%1$S”). The behavior was allowed, and a CSP report was sent. -# LOCALIZATION NOTE (CSPROViolationWithURI): -# %1$S is the directive that has been violated. +# %3$S is the type of directive used by the resource (e.g. script-src-elem) +CSPROScriptViolation = (Report-Only policy) The page’s settings would block a script (%3$S) at %2$S from being executed because it violates the following directive: “%1$S” +# LOCALIZATION NOTE (CSPWorkerViolation): +# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'") # %2$S is the URI of the resource which violated the directive. -CSPROViolationWithURI = The page’s settings observed the loading of a resource at %2$S (“%1$S”). A CSP report is being sent. +# %3$S is the type of directive used by the resource (e.g. worker-src) +CSPWorkerViolation = The page’s settings blocked a worker script (%3$S) at %2$S from being executed because it violates the following directive: “%1$S” +# LOCALIZATION NOTE (CSPROWorkerViolation): +# Don't translate "Report-Only" as it's part of the name Content-Security-Policy-Report-Only. +# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'") +# %2$S is the URI of the resource which violated the directive. +# %3$S is the type of directive used by the resource (e.g. worker-src) +CSPROWorkerViolation = (Report-Only policy) The page’s settings would block a worker script (%3$S) at %2$S from being executed because it violates the following directive: “%1$S” +# LOCALIZATION NOTE (CSPGenericViolation): +# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'") +# %2$S is the URI of the resource which violated the directive. +# %3$S is the type of directive used by the resource (e.g. image-src) +CSPGenericViolation = The page’s settings blocked the loading of a resource (%3$S) at %2$S because it violates the following directive: “%1$S” +# LOCALIZATION NOTE (CSPROGenericViolation): +# Don't translate "Report-Only" as it's part of the name Content-Security-Policy-Report-Only. +# %1$S is the entire directive that has been violated. (e.g. "default-src 'none'") +# %2$S is the URI of the resource which violated the directive. +# %3$S is the type of directive used by the resource (e.g. image-src) +CSPROGenericViolation = (Report-Only policy) The page’s settings would block the loading of a resource (%3$S) at %2$S because it violates the following directive: “%1$S” + # LOCALIZATION NOTE (triedToSendReport): # %1$S is the URI we attempted to send a report to. triedToSendReport = Tried to send report to invalid URI: “%1$S” diff --git a/dom/locales/en-US/chrome/security/security.properties b/dom/locales/en-US/chrome/security/security.properties index c19fc2d2bf..fc58fe4f7d 100644 --- a/dom/locales/en-US/chrome/security/security.properties +++ b/dom/locales/en-US/chrome/security/security.properties @@ -44,7 +44,7 @@ LoadingMixedActiveContent2=Loading mixed (insecure) active content “%1$S” on LoadingMixedDisplayContent2=Loading mixed (insecure) display content “%1$S” on a secure page LoadingMixedDisplayObjectSubrequestDeprecation=Loading mixed (insecure) content “%1$S” within a plugin on a secure page is discouraged and will be blocked soon. # LOCALIZATION NOTE: "%S" is the URI of the insecure mixed content download -MixedContentBlockedDownload = Blocked downloading insecure content “%S”. +BlockedInsecureDownload = We blocked a download that’s not secure: “%S”. # LOCALIZATION NOTE: Do not translate "allow-scripts", "allow-same-origin", "sandbox" or "iframe" BothAllowScriptsAndSameOriginPresent=An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing. -- cgit v1.2.3