[po] auto sync

github-actions[bot] · github-actions[bot] · commit a6b28ab45c9e · 2021-09-09T03:21:07.000Z
diff --git a/library/cgi.po b/library/cgi.po
@@ -446,33 +446,33 @@ msgstr "增加了 *separator* 形参。"
 msgid ""
 "Parse a MIME header (such as :mailheader:`Content-Type`) into a main value "
 "and a dictionary of parameters."
-msgstr ""
+msgstr "将一个 MIME 标头 (例如 :mailheader:`Content-Type`) 解析为一个主值和一个参数字典。"
 
 #: ../../library/cgi.rst:318
 msgid ""
 "Robust test CGI script, usable as main program. Writes minimal HTTP headers "
 "and formats all information provided to the script in HTML format."
-msgstr ""
+msgstr "对 CGI 执行健壮性检测，适于作为主程序。 写入最小化的 HTTP 标头并以 HTML 格式来格式化提供给脚本的所有信息。"
 
 #: ../../library/cgi.rst:324
 msgid "Format the shell environment in HTML."
-msgstr ""
+msgstr "以 HTML 格式来格式化 shell 环境。"
 
 #: ../../library/cgi.rst:329
 msgid "Format a form in HTML."
-msgstr ""
+msgstr "以 HTML 格式来格式化表单。"
 
 #: ../../library/cgi.rst:334
 msgid "Format the current directory in HTML."
-msgstr ""
+msgstr "以 HTML 格式来格式化当前目录。"
 
 #: ../../library/cgi.rst:339
 msgid "Print a list of useful (used by CGI) environment variables in HTML."
-msgstr ""
+msgstr "以 HTML 格式打印有用的环境变量列表（供 CGI 使用）。"
 
 #: ../../library/cgi.rst:345
 msgid "Caring about security"
-msgstr ""
+msgstr "对于安全性的关注"
 
 #: ../../library/cgi.rst:349
 msgid ""
@@ -484,6 +484,10 @@ msgid ""
 "invoke arbitrary shell commands.  Even parts of the URL or field names "
 "cannot be trusted, since the request doesn't have to come from your form!"
 msgstr ""
+"有一条重要的规则：如果你发起调用一个外部程序（通过 :func:`os.system`, :func:`os.popen` "
+"或其他具有类似功能的函数），需要非常确定你不会把从客户端接收的任意字符串直接传给 shell。 "
+"这是一个著名的安全漏洞，网络中聪明的黑客可以通过它来利用容易上当的 CGI 脚本发起调用任何 shell 命令。 即便 URL "
+"的一部分或字段名称也是不可信任的，因为请求并不一定是来自你的表单！"
 
 #: ../../library/cgi.rst:357
 msgid ""
