-
-
Notifications
You must be signed in to change notification settings - Fork 214
/
Copy pathxml.po
336 lines (283 loc) · 12.5 KB
/
xml.po
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
# Copyright (C) 2001-2024, Python Software Foundation
# This file is distributed under the same license as the Python package.
#
# Translators:
# Leon H., 2017
# Matt Wang <mattwang44@gmail.com>, 2023
msgid ""
msgstr ""
"Project-Id-Version: Python 3.13\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-04-18 00:04+0000\n"
"PO-Revision-Date: 2023-08-21 02:16+0000\n"
"Last-Translator: Matt Wang <mattwang44@gmail.com>\n"
"Language-Team: Chinese - TAIWAN (https://github.com/python/python-docs-zh-"
"tw)\n"
"Language: zh_TW\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=1; plural=0;\n"
#: ../../library/xml.rst:4
msgid "XML Processing Modules"
msgstr "XML 處理模組"
#: ../../library/xml.rst:12
msgid "**Source code:** :source:`Lib/xml/`"
msgstr "**原始碼:**\\ :source:`Lib/xml/`"
#: ../../library/xml.rst:16
msgid ""
"Python's interfaces for processing XML are grouped in the ``xml`` package."
msgstr "Python 處理 XML 的介面被歸類於 ``xml`` 套件中。"
#: ../../library/xml.rst:20
msgid ""
"The XML modules are not secure against erroneous or maliciously constructed "
"data. If you need to parse untrusted or unauthenticated data see the :ref:"
"`xml-vulnerabilities` and :ref:`defusedxml-package` sections."
msgstr ""
"XML 模組無法抵禦錯誤或惡意建構的資料。如果你需要剖析不受信任或未經身份驗證的"
"資料,請參閱 :ref:`xml-vulnerabilities` 和 :ref:`defusedxml-package` 段落。"
#: ../../library/xml.rst:25
msgid ""
"It is important to note that modules in the :mod:`xml` package require that "
"there be at least one SAX-compliant XML parser available. The Expat parser "
"is included with Python, so the :mod:`xml.parsers.expat` module will always "
"be available."
msgstr ""
"請務必注意 :mod:`xml` 套件中的模組要求至少有一個可用的 SAX 相容 XML 剖析器。"
"Expat 剖析器包含在 Python 中,所以總是可以使用 :mod:`xml.parsers.expat` 模"
"組。"
#: ../../library/xml.rst:30
msgid ""
"The documentation for the :mod:`xml.dom` and :mod:`xml.sax` packages are the "
"definition of the Python bindings for the DOM and SAX interfaces."
msgstr ""
":mod:`xml.dom` 和 :mod:`xml.sax` 套件的文件為 DOM 和 SAX 介面的 Python 繫結的"
"定義。"
#: ../../library/xml.rst:33
msgid "The XML handling submodules are:"
msgstr "以下是 XML 處理子模組:"
#: ../../library/xml.rst:35
msgid ""
":mod:`xml.etree.ElementTree`: the ElementTree API, a simple and lightweight "
"XML processor"
msgstr ""
":mod:`xml.etree.ElementTree`:ElementTree API,一個簡單且輕量級的 XML 處理器"
#: ../../library/xml.rst:40
msgid ":mod:`xml.dom`: the DOM API definition"
msgstr ":mod:`xml.dom`:DOM API 定義"
#: ../../library/xml.rst:41
msgid ":mod:`xml.dom.minidom`: a minimal DOM implementation"
msgstr ":mod:`xml.dom.minidom`:最小的 DOM 實作"
#: ../../library/xml.rst:42
msgid ":mod:`xml.dom.pulldom`: support for building partial DOM trees"
msgstr ":mod:`xml.dom.pulldom`:支援建置部分 DOM 樹"
#: ../../library/xml.rst:46
msgid ":mod:`xml.sax`: SAX2 base classes and convenience functions"
msgstr ":mod:`xml.sax`:SAX2 基底類別和便利函式"
#: ../../library/xml.rst:47
msgid ":mod:`xml.parsers.expat`: the Expat parser binding"
msgstr ":mod:`xml.parsers.expat`:Expat 剖析器繫結"
#: ../../library/xml.rst:53
msgid "XML vulnerabilities"
msgstr "XML 漏洞"
#: ../../library/xml.rst:55
msgid ""
"The XML processing modules are not secure against maliciously constructed "
"data. An attacker can abuse XML features to carry out denial of service "
"attacks, access local files, generate network connections to other machines, "
"or circumvent firewalls."
msgstr ""
"XML 處理模組無法抵禦惡意建構的資料。攻擊者可以濫用 XML 功能來執行阻斷服務攻"
"擊 (denial of service attack)、存取本地檔案、生成與其他機器的網路連接或繞過防"
"火牆。"
#: ../../library/xml.rst:60
msgid ""
"The following table gives an overview of the known attacks and whether the "
"various modules are vulnerable to them."
msgstr "下表概述了已知的攻擊以及各個模組是否易有漏洞。"
#: ../../library/xml.rst:64
msgid "kind"
msgstr "種類"
#: ../../library/xml.rst:64
msgid "sax"
msgstr "sax"
#: ../../library/xml.rst:64
msgid "etree"
msgstr "etree"
#: ../../library/xml.rst:64
msgid "minidom"
msgstr "minidom"
#: ../../library/xml.rst:64
msgid "pulldom"
msgstr "pulldom"
#: ../../library/xml.rst:64
msgid "xmlrpc"
msgstr "xmlrpc"
#: ../../library/xml.rst:66
msgid "billion laughs"
msgstr "十億笑聲 (billion laughs)"
#: ../../library/xml.rst:66 ../../library/xml.rst:67
msgid "**Vulnerable** (1)"
msgstr "**脆弱** (1)"
#: ../../library/xml.rst:67
msgid "quadratic blowup"
msgstr "二次爆炸 (quadratic blowup)"
#: ../../library/xml.rst:68 ../../library/xml.rst:106
msgid "external entity expansion"
msgstr "外部實體擴展 (external entity expansion)"
#: ../../library/xml.rst:68 ../../library/xml.rst:69
msgid "Safe (5)"
msgstr "安全 (5)"
#: ../../library/xml.rst:68
msgid "Safe (2)"
msgstr "安全 (2)"
#: ../../library/xml.rst:68
msgid "Safe (3)"
msgstr "安全 (3)"
#: ../../library/xml.rst:68
msgid "Safe (4)"
msgstr "安全 (4)"
#: ../../library/xml.rst:69 ../../library/xml.rst:111
msgid "`DTD`_ retrieval"
msgstr "`DTD`_ 檢索"
#: ../../library/xml.rst:69 ../../library/xml.rst:70
msgid "Safe"
msgstr "安全"
#: ../../library/xml.rst:70 ../../library/xml.rst:116
msgid "decompression bomb"
msgstr "解壓縮炸彈 (decompression bomb)"
#: ../../library/xml.rst:70
msgid "**Vulnerable**"
msgstr "**脆弱**"
#: ../../library/xml.rst:71 ../../library/xml.rst:123
msgid "large tokens"
msgstr "大型 token"
#: ../../library/xml.rst:71
msgid "**Vulnerable** (6)"
msgstr "**脆弱** (6)"
#: ../../library/xml.rst:74
msgid ""
"Expat 2.4.1 and newer is not vulnerable to the \"billion laughs\" and "
"\"quadratic blowup\" vulnerabilities. Items still listed as vulnerable due "
"to potential reliance on system-provided libraries. Check :const:`!pyexpat."
"EXPAT_VERSION`."
msgstr ""
"Expat 2.4.1 及更新的版本不易受到「十億笑聲」和「二次爆炸」漏洞的影響。但仍可"
"能由於依賴系統提供的函式庫而被列為易受攻擊的項目。請檢查 :const:`!pyexpat."
"EXPAT_VERSION`。"
#: ../../library/xml.rst:78
msgid ""
":mod:`xml.etree.ElementTree` doesn't expand external entities and raises a :"
"exc:`~xml.etree.ElementTree.ParseError` when an entity occurs."
msgstr ""
":mod:`xml.etree.ElementTree` 不會擴展外部實體,並在實體出現時引發 :exc:`~xml."
"etree.ElementTree.ParseError`。"
#: ../../library/xml.rst:80
msgid ""
":mod:`xml.dom.minidom` doesn't expand external entities and simply returns "
"the unexpanded entity verbatim."
msgstr ":mod:`xml.dom.minidom` 不會擴展外部實體,只會逐字回傳未擴展的實體。"
#: ../../library/xml.rst:82
msgid ":mod:`xmlrpc.client` doesn't expand external entities and omits them."
msgstr ":mod:`xmlrpc.client` 不會擴展外部實體且會忽略它們。"
#: ../../library/xml.rst:83
msgid ""
"Since Python 3.7.1, external general entities are no longer processed by "
"default."
msgstr "從 Python 3.7.1 開始,預設情況下不再處理外部通用實體。"
#: ../../library/xml.rst:85
msgid ""
"Expat 2.6.0 and newer is not vulnerable to denial of service through "
"quadratic runtime caused by parsing large tokens. Items still listed as "
"vulnerable due to potential reliance on system-provided libraries. Check :"
"const:`!pyexpat.EXPAT_VERSION`."
msgstr ""
"Expat 2.6.0 及更新版本不易受到剖析大型 token 所導致的二次 runtime 阻斷服務的"
"影響。由於可能依賴系統提供的函式庫,因此仍被列為易受攻擊的項目。請參考 :"
"const:`!pyexpat.EXPAT_VERSION`。"
#: ../../library/xml.rst:92
msgid "billion laughs / exponential entity expansion"
msgstr "十億笑聲 / 指數實體擴展"
#: ../../library/xml.rst:93
msgid ""
"The `Billion Laughs`_ attack -- also known as exponential entity expansion "
"-- uses multiple levels of nested entities. Each entity refers to another "
"entity several times, and the final entity definition contains a small "
"string. The exponential expansion results in several gigabytes of text and "
"consumes lots of memory and CPU time."
msgstr ""
"`十億笑聲 <Billion Laughs_>`_\\ 攻擊(也稱為指數實體擴展 (exponential entity "
"expansion))使用多層巢狀實體。每個實體多次引用另一個實體,最終的實體定義包含"
"一個小字串。指數擴展會產生數 GB 的文本,並消耗大量記憶體和 CPU 時間。"
#: ../../library/xml.rst:99
msgid "quadratic blowup entity expansion"
msgstr "二次爆炸實體擴展"
#: ../../library/xml.rst:100
msgid ""
"A quadratic blowup attack is similar to a `Billion Laughs`_ attack; it "
"abuses entity expansion, too. Instead of nested entities it repeats one "
"large entity with a couple of thousand chars over and over again. The attack "
"isn't as efficient as the exponential case but it avoids triggering parser "
"countermeasures that forbid deeply nested entities."
msgstr ""
"二次爆炸攻擊類似於\\ `十億笑聲 <Billion Laughs_>`_\\ 攻擊;它也濫用實體擴展。"
"它不是巢狀實體,而是一遍又一遍地重複一個具有幾千個字元的大型實體。該攻擊不如"
"指數擴展那麼有效率,但它不會觸發那些用來防止深度巢狀實體的剖析器對策。"
#: ../../library/xml.rst:107
msgid ""
"Entity declarations can contain more than just text for replacement. They "
"can also point to external resources or local files. The XML parser accesses "
"the resource and embeds the content into the XML document."
msgstr ""
"實體聲明不僅僅可以包含用於替換的文本,它們還可以指向外部資源或本地檔案。XML "
"剖析器會存取資源並將內容嵌入到 XML 文件中。"
#: ../../library/xml.rst:112
msgid ""
"Some XML libraries like Python's :mod:`xml.dom.pulldom` retrieve document "
"type definitions from remote or local locations. The feature has similar "
"implications as the external entity expansion issue."
msgstr ""
"一些 XML 函式庫(例如 Python 的 :mod:`xml.dom.pulldom`)從遠端或本地位置檢索"
"文件類型定義。該功能與外部實體擴展問題具有類似的含義。"
#: ../../library/xml.rst:117
msgid ""
"Decompression bombs (aka `ZIP bomb`_) apply to all XML libraries that can "
"parse compressed XML streams such as gzipped HTTP streams or LZMA-compressed "
"files. For an attacker it can reduce the amount of transmitted data by three "
"magnitudes or more."
msgstr ""
"解壓縮炸彈(又名 `ZIP bomb`_\\ )適用於所有可以剖析壓縮 XML 串流(例如 gzip "
"壓縮的 HTTP 串流或 LZMA 壓縮檔案)的 XML 函式庫。對於攻擊者來說,它可以將傳輸"
"的資料量減少三個或更多數量級。"
#: ../../library/xml.rst:124
msgid ""
"Expat needs to re-parse unfinished tokens; without the protection introduced "
"in Expat 2.6.0, this can lead to quadratic runtime that can be used to cause "
"denial of service in the application parsing XML. The issue is known as :cve:"
"`2023-52425`."
msgstr ""
"Expat 需要重新剖析未完成的 token;如果沒有 Expat 2.6.0 中引入的保護,這可能會"
"導致二次 runtime 而導致剖析 XML 的應用程式出現阻斷服務。此問題記錄於 :cve:"
"`2023-52425`。"
#: ../../library/xml.rst:129
msgid ""
"The documentation for :pypi:`defusedxml` on PyPI has further information "
"about all known attack vectors with examples and references."
msgstr ""
"PyPI 上的 :pypi:`defusedxml` 文件包含有關所有已知攻擊媒介 (attack vector) 的"
"更多資訊以及範例和參考資料。"
#: ../../library/xml.rst:135
msgid "The :mod:`!defusedxml` Package"
msgstr ":mod:`!defusedxml` 套件"
#: ../../library/xml.rst:137
msgid ""
":pypi:`defusedxml` is a pure Python package with modified subclasses of all "
"stdlib XML parsers that prevent any potentially malicious operation. Use of "
"this package is recommended for any server code that parses untrusted XML "
"data. The package also ships with example exploits and extended "
"documentation on more XML exploits such as XPath injection."
msgstr ""
":pypi:`defusedxml` 是一個純 Python 套件,其中包含所有標準函式庫中 XML 剖析器"
"的修正版本子類別,可防止任何潛在的惡意操作。當伺服器程式會剖析任何不受信任的 "
"XML 資料時建議使用此套件。該套件還附帶了更多有關 XML 漏洞(例如 XPath 注入)"
"的範例和延伸文件。"