11# SOME DESCRIPTIVE TITLE.
2- # Copyright (C) 2001-2018 , Python Software Foundation
2+ # Copyright (C) 2001-2019 , Python Software Foundation
33# This file is distributed under the same license as the Python package.
44# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
55#
6+ # Translators:
7+ 8+ #
69#, fuzzy
710msgid ""
811msgstr ""
912"Project-Id-Version : Python 3.7\n "
1013"Report-Msgid-Bugs-To : \n "
11- "POT-Creation-Date : 2018-12-22 10:07 +0900\n
14+ "POT-Creation-Date : 2019-01-01 10:14 +0900\n
1215"PO-Revision-Date : 2017-02-16 23:36+0000\n "
16+ "
Last-Translator :
汇民 王 <[email protected] >, 2019\n "
1317"Language-Team : Chinese (China) (https://www.transifex.com/python-doc/teams/5390/zh_CN/)\n "
1418"MIME-Version : 1.0\n "
1519"Content-Type : text/plain; charset=UTF-8\n "
@@ -19,23 +23,25 @@ msgstr ""
1923
2024#: ../../library/xml.rst:4
2125msgid "XML Processing Modules"
22- msgstr ""
26+ msgstr "XML处理模块 "
2327
2428#: ../../library/xml.rst:12
2529msgid "**Source code:** :source:`Lib/xml/`"
26- msgstr ""
30+ msgstr "**源码:** :source:`Lib/xml/` "
2731
2832#: ../../library/xml.rst:16
2933msgid ""
3034"Python's interfaces for processing XML are grouped in the ``xml`` package."
31- msgstr ""
35+ msgstr "用于处理XML的Python接口分组在 ``xml`` 包中。 "
3236
3337#: ../../library/xml.rst:20
3438msgid ""
3539"The XML modules are not secure against erroneous or maliciously constructed "
3640"data. If you need to parse untrusted or unauthenticated data see the :ref"
3741":`xml-vulnerabilities` and :ref:`defused-packages` sections."
3842msgstr ""
43+ "XML 模块对于错误或恶意构造的数据是不安全的。 如果需要解析不受信任或未经身份验证的数据,请参阅 :ref:`xml-vulnerabilities`"
44+ " 和 :ref:`defused-packages` 部分。"
3945
4046#: ../../library/xml.rst:25
4147msgid ""
@@ -44,46 +50,48 @@ msgid ""
4450"is included with Python, so the :mod:`xml.parsers.expat` module will always "
4551"be available."
4652msgstr ""
53+ "值得注意的是 :mod:`xml` 包中的模块要求至少有一个 SAX 兼容的 XML 解析器可用。在 Pythonm中包含 Expat 解析器,因此 "
54+ ":mod:`xml.parsers.expat` 模块将始终可用。"
4755
4856#: ../../library/xml.rst:30
4957msgid ""
5058"The documentation for the :mod:`xml.dom` and :mod:`xml.sax` packages are the"
5159" definition of the Python bindings for the DOM and SAX interfaces."
52- msgstr ""
60+ msgstr ":mod:`xml.dom` 和 :mod:`xml.sax` 包的文档是 DOM 和 SAX 接口的 Python 绑定的定义。 "
5361
5462#: ../../library/xml.rst:33
5563msgid "The XML handling submodules are:"
56- msgstr ""
64+ msgstr "XML 处理子模块包括: "
5765
5866#: ../../library/xml.rst:35
5967msgid ""
6068":mod:`xml.etree.ElementTree`: the ElementTree API, a simple and lightweight "
6169"XML processor"
62- msgstr ""
70+ msgstr ":mod:`xml.etree.ElementTree`: ElementTree API,一个简单而轻量级的XML处理器 "
6371
6472#: ../../library/xml.rst:40
6573msgid ":mod:`xml.dom`: the DOM API definition"
66- msgstr ""
74+ msgstr ":mod:`xml.dom`:DOM API 定义 "
6775
6876#: ../../library/xml.rst:41
6977msgid ":mod:`xml.dom.minidom`: a minimal DOM implementation"
70- msgstr ""
78+ msgstr ":mod:`xml.dom.minidom`:最小的 DOM 实现 "
7179
7280#: ../../library/xml.rst:42
7381msgid ":mod:`xml.dom.pulldom`: support for building partial DOM trees"
74- msgstr ""
82+ msgstr ":mod:`xml.dom.pulldom`:支持构建部分 DOM 树 "
7583
7684#: ../../library/xml.rst:46
7785msgid ":mod:`xml.sax`: SAX2 base classes and convenience functions"
78- msgstr ""
86+ msgstr ":mod:`xml.sax`:SAX2 基类和便利函数 "
7987
8088#: ../../library/xml.rst:47
8189msgid ":mod:`xml.parsers.expat`: the Expat parser binding"
82- msgstr ""
90+ msgstr ":mod:`xml.parsers.expat`:Expat解析器绑定 "
8391
8492#: ../../library/xml.rst:53
8593msgid "XML vulnerabilities"
86- msgstr ""
94+ msgstr "XML 漏洞 "
8795
8896#: ../../library/xml.rst:55
8997msgid ""
@@ -92,112 +100,113 @@ msgid ""
92100"attacks, access local files, generate network connections to other machines,"
93101" or circumvent firewalls."
94102msgstr ""
103+ "XML 处理模块对于恶意构造的数据是不安全的。 攻击者可能滥用 XML 功能来执行拒绝服务攻击、访问本地文件、生成与其它计算机的网络连接或绕过防火墙。"
95104
96105#: ../../library/xml.rst:60
97106msgid ""
98107"The following table gives an overview of the known attacks and whether the "
99108"various modules are vulnerable to them."
100- msgstr ""
109+ msgstr "下表概述了已知的攻击以及各种模块是否容易受到攻击。 "
101110
102111#: ../../library/xml.rst:64
103112msgid "kind"
104- msgstr ""
113+ msgstr "种类 "
105114
106115#: ../../library/xml.rst:64
107116msgid "sax"
108- msgstr ""
117+ msgstr "sax "
109118
110119#: ../../library/xml.rst:64
111120msgid "etree"
112- msgstr ""
121+ msgstr "etree "
113122
114123#: ../../library/xml.rst:64
115124msgid "minidom"
116- msgstr ""
125+ msgstr "minidom "
117126
118127#: ../../library/xml.rst:64
119128msgid "pulldom"
120- msgstr ""
129+ msgstr "pulldom "
121130
122131#: ../../library/xml.rst:64
123132msgid "xmlrpc"
124- msgstr ""
133+ msgstr "xmlrpc "
125134
126135#: ../../library/xml.rst:66
127136msgid "billion laughs"
128- msgstr ""
137+ msgstr "billion laughs "
129138
130139#: ../../library/xml.rst:66 ../../library/xml.rst:66 ../../library/xml.rst:66
131140#: ../../library/xml.rst:66 ../../library/xml.rst:66 ../../library/xml.rst:67
132141#: ../../library/xml.rst:67 ../../library/xml.rst:67 ../../library/xml.rst:67
133142#: ../../library/xml.rst:67 ../../library/xml.rst:70
134143msgid "**Vulnerable**"
135- msgstr ""
144+ msgstr "**易受攻击** "
136145
137146#: ../../library/xml.rst:67
138147msgid "quadratic blowup"
139- msgstr ""
148+ msgstr "quadratic blowup "
140149
141150#: ../../library/xml.rst:68 ../../library/xml.rst:99
142151msgid "external entity expansion"
143- msgstr ""
152+ msgstr "external entity expansion "
144153
145154#: ../../library/xml.rst:68 ../../library/xml.rst:68 ../../library/xml.rst:69
146155#: ../../library/xml.rst:69
147156msgid "Safe (4)"
148- msgstr ""
157+ msgstr "安全 (4) "
149158
150159#: ../../library/xml.rst:68
151160msgid "Safe (1)"
152- msgstr ""
161+ msgstr "安全 (1) "
153162
154163#: ../../library/xml.rst:68
155164msgid "Safe (2)"
156- msgstr ""
165+ msgstr "安全 (2) "
157166
158167#: ../../library/xml.rst:68
159168msgid "Safe (3)"
160- msgstr ""
169+ msgstr "安全 (3) "
161170
162171#: ../../library/xml.rst:69 ../../library/xml.rst:104
163172msgid "`DTD`_ retrieval"
164- msgstr ""
173+ msgstr "`DTD`_ retrieval "
165174
166175#: ../../library/xml.rst:69 ../../library/xml.rst:69 ../../library/xml.rst:69
167176#: ../../library/xml.rst:70 ../../library/xml.rst:70 ../../library/xml.rst:70
168177#: ../../library/xml.rst:70
169178msgid "Safe"
170- msgstr ""
179+ msgstr "安全 "
171180
172181#: ../../library/xml.rst:70 ../../library/xml.rst:111
173182msgid "decompression bomb"
174- msgstr ""
183+ msgstr "decompression bomb "
175184
176185#: ../../library/xml.rst:73
177186msgid ""
178187":mod:`xml.etree.ElementTree` doesn't expand external entities and raises a "
179188":exc:`ParserError` when an entity occurs."
180- msgstr ""
189+ msgstr ":mod:`xml.etree.ElementTree` 不会扩展外部实体并在实体发生时引发 :exc:`ParserError`。 "
181190
182191#: ../../library/xml.rst:75
183192msgid ""
184193":mod:`xml.dom.minidom` doesn't expand external entities and simply returns "
185194"the unexpanded entity verbatim."
186- msgstr ""
195+ msgstr ":mod:`xml.dom.minidom` 不会扩展外部实体,只是简单地返回未扩展的实体。 "
187196
188197#: ../../library/xml.rst:77
189198msgid ":mod:`xmlrpclib` doesn't expand external entities and omits them."
190- msgstr ""
199+ msgstr ":mod:`xmlrpclib` 不扩展外部实体并省略它们。 "
191200
192201#: ../../library/xml.rst:78
193202msgid ""
194203"Since Python 3.7.1, external general entities are no longer processed by "
195204"default."
196- msgstr ""
205+ msgstr "从 Python 3.7.1 开始,默认情况下不再处理外部通用实体。 "
197206
198207#: ../../library/xml.rst:87
199208msgid "billion laughs / exponential entity expansion"
200- msgstr ""
209+ msgstr "billion laughs / exponential entity expansion (狂笑/递归实体扩展) "
201210
202211#: ../../library/xml.rst:83
203212msgid ""
@@ -207,10 +216,12 @@ msgid ""
207216"string. The exponential expansion results in several gigabytes of text and "
208217"consumes lots of memory and CPU time."
209218msgstr ""
219+ "`Billion Laughs`_ 攻击 -- 也称为递归实体扩展 -- 使用多级嵌套实体。 每个实体多次引用另一个实体,最终实体定义包含一个小字符串。"
220+ " 指数级扩展导致几千 GB 的文本,并消耗大量内存和 CPU 时间。"
210221
211222#: ../../library/xml.rst:94
212223msgid "quadratic blowup entity expansion"
213- msgstr ""
224+ msgstr "quadratic blowup entity expansion(二次爆炸实体扩展) "
214225
215226#: ../../library/xml.rst:90
216227msgid ""
@@ -220,20 +231,24 @@ msgid ""
220231" isn't as efficient as the exponential case but it avoids triggering parser "
221232"countermeasures that forbid deeply-nested entities."
222233msgstr ""
234+ "二次爆炸攻击类似于 `Billion Laughs`_ 攻击,它也滥用实体扩展。 "
235+ "它不是嵌套实体,而是一遍又一遍地重复一个具有几千个字符的大型实体。攻击不如递归情况有效,但它避免触发禁止深度嵌套实体的解析器对策。"
223236
224237#: ../../library/xml.rst:97
225238msgid ""
226239"Entity declarations can contain more than just text for replacement. They "
227240"can also point to external resources or local files. The XML parser accesses"
228241" the resource and embeds the content into the XML document."
229- msgstr ""
242+ msgstr "实体声明可以包含的不仅仅是替换文本。 它们还可以指向外部资源或本地文件。 XML 解析器访问资源并将内容嵌入到 XML 文档中。 "
230243
231244#: ../../library/xml.rst:102
232245msgid ""
233246"Some XML libraries like Python's :mod:`xml.dom.pulldom` retrieve document "
234247"type definitions from remote or local locations. The feature has similar "
235248"implications as the external entity expansion issue."
236249msgstr ""
250+ "Python 的一些 XML 库 :mod:`xml.dom.pulldom` 从远程或本地位置检索文档类型定义。 "
251+ "该功能与外部实体扩展问题具有相似的含义。"
237252
238253#: ../../library/xml.rst:107
239254msgid ""
@@ -242,16 +257,18 @@ msgid ""
242257" files. For an attacker it can reduce the amount of transmitted data by "
243258"three magnitudes or more."
244259msgstr ""
260+ "Decompression bombs(解压炸弹,又名 `ZIP bomb`_)适用于所有可以解析压缩 XML 流(例如 gzip 压缩的 HTTP "
261+ "流或 LZMA 压缩的文件)的 XML 库。 对于攻击者来说,它可以将传输的数据量减少三个量级或更多。"
245262
246263#: ../../library/xml.rst:113
247264msgid ""
248265"The documentation for `defusedxml`_ on PyPI has further information about "
249266"all known attack vectors with examples and references."
250- msgstr ""
267+ msgstr "PyPI上 `defusedxml`_ 的文档包含有关所有已知攻击向量的更多信息以及示例和参考。 "
251268
252269#: ../../library/xml.rst:119
253270msgid "The :mod:`defusedxml` and :mod:`defusedexpat` Packages"
254- msgstr ""
271+ msgstr ":mod:`defusedxml` 和 :mod:`defusedexpat` 软件包 "
255272
256273#: ../../library/xml.rst:121
257274msgid ""
@@ -261,6 +278,8 @@ msgid ""
261278"data. The package also ships with example exploits and extended "
262279"documentation on more XML exploits such as XPath injection."
263280msgstr ""
281+ "`defusedxml`_ 是一个纯 Python 软件包,它修改了所有标准库 XML 解析器的子类,可以防止任何潜在的恶意操作。 "
282+ "对于解析不受信任的XML数据的任何服务器代码,建议使用此程序包。 该软件包还提供了有关更多 XML 漏洞(如 XPath 注入)的示例漏洞和扩展文档。"
264283
265284#: ../../library/xml.rst:127
266285msgid ""
@@ -271,3 +290,6 @@ msgid ""
271290"of Python, but will not be included in any bugfix releases of Python because"
272291" they break backward compatibility."
273292msgstr ""
293+ "`defusedexpat`_ 提供了一个修改过的 libexpat 和一个打过补丁的 :mod:`pyexpat` "
294+ "模块,它有针对实体扩展DoS攻击的对策。 :mod:`defusedexpat` 模块仍然允许合理且可配置的实体扩展量。 这些修改可能包含在 "
295+ "Python 的某些未来版本中,但不会包含在 Python 的任何修复版本中,因为它们会破坏向后兼容性。"
0 commit comments