forked from AFPy/python-docs-fr
285 lines
9.2 KiB
Plaintext
285 lines
9.2 KiB
Plaintext
# SOME DESCRIPTIVE TITLE.
|
||
# Copyright (C) 1990-2016, Python Software Foundation
|
||
# This file is distributed under the same license as the Python package.
|
||
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
|
||
#
|
||
#, fuzzy
|
||
msgid ""
|
||
msgstr ""
|
||
"Project-Id-Version: Python 2.7\n"
|
||
"Report-Msgid-Bugs-To: \n"
|
||
"POT-Creation-Date: 2016-10-30 10:44+0100\n"
|
||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||
"MIME-Version: 1.0\n"
|
||
"Content-Type: text/plain; charset=UTF-8\n"
|
||
"Content-Transfer-Encoding: 8bit\n"
|
||
|
||
#: ../Doc/library/xml.rst:4
|
||
msgid "XML Processing Modules"
|
||
msgstr "Modules de traitement XML"
|
||
|
||
#: ../Doc/library/xml.rst:12
|
||
msgid ""
|
||
"Python's interfaces for processing XML are grouped in the ``xml`` package."
|
||
msgstr ""
|
||
"Les interfaces de Python de traitement de XML sont regroupées dans le paquet "
|
||
"``xml``."
|
||
|
||
#: ../Doc/library/xml.rst:16
|
||
msgid ""
|
||
"The XML modules are not secure against erroneous or maliciously constructed "
|
||
"data. If you need to parse untrusted or unauthenticated data see :ref:`xml-"
|
||
"vulnerabilities`."
|
||
msgstr ""
|
||
|
||
#: ../Doc/library/xml.rst:20
|
||
msgid ""
|
||
"It is important to note that modules in the :mod:`xml` package require that "
|
||
"there be at least one SAX-compliant XML parser available. The Expat parser "
|
||
"is included with Python, so the :mod:`xml.parsers.expat` module will always "
|
||
"be available."
|
||
msgstr ""
|
||
"Il est important de noter que les modules dans le paquet :mod:`xml` "
|
||
"nécessitent qu'au moins un analyseur compatible SAX soit disponible. "
|
||
"L'analyseur Expat est inclus dans Python, ainsi le module :mod:`xml.parsers."
|
||
"expat` est toujours disponible."
|
||
|
||
#: ../Doc/library/xml.rst:25
|
||
msgid ""
|
||
"The documentation for the :mod:`xml.dom` and :mod:`xml.sax` packages are the "
|
||
"definition of the Python bindings for the DOM and SAX interfaces."
|
||
msgstr ""
|
||
"La documentation des *bindings* des interfaces DOM et SAX se trouve dans :"
|
||
"mod:`xml.dom` et :mod:`xml.sax`."
|
||
|
||
#: ../Doc/library/xml.rst:28
|
||
msgid "The XML handling submodules are:"
|
||
msgstr "Les sous-modules de traitement XML sont :"
|
||
|
||
#: ../Doc/library/xml.rst:30
|
||
msgid ""
|
||
":mod:`xml.etree.ElementTree`: the ElementTree API, a simple and lightweight "
|
||
"XML processor"
|
||
msgstr ""
|
||
":mod:`xml.etree.ElementTree`: l'API ElementTree, un processeur simple et "
|
||
"léger"
|
||
|
||
#: ../Doc/library/xml.rst:35
|
||
msgid ":mod:`xml.dom`: the DOM API definition"
|
||
msgstr ":mod:`xml.dom`: la définition de l'API DOM"
|
||
|
||
#: ../Doc/library/xml.rst:36
|
||
msgid ":mod:`xml.dom.minidom`: a minimal DOM implementation"
|
||
msgstr ":mod:`xml.dom.minidom`: une implémentation minimale de DOM"
|
||
|
||
#: ../Doc/library/xml.rst:37
|
||
msgid ":mod:`xml.dom.pulldom`: support for building partial DOM trees"
|
||
msgstr ""
|
||
":mod:`xml.dom.pulldom`: gestion de la construction partiel des arbres DOM"
|
||
|
||
#: ../Doc/library/xml.rst:41
|
||
msgid ":mod:`xml.sax`: SAX2 base classes and convenience functions"
|
||
msgstr ":mod:`xml.sax`: classes de bases SAX2 base et fonctions utilitaires"
|
||
|
||
#: ../Doc/library/xml.rst:42
|
||
msgid ":mod:`xml.parsers.expat`: the Expat parser binding"
|
||
msgstr ":mod:`xml.parsers.expat`: le *binding* de l'analyseur Expat"
|
||
|
||
#: ../Doc/library/xml.rst:48
|
||
msgid "XML vulnerabilities"
|
||
msgstr "Vulnérabilités XML"
|
||
|
||
#: ../Doc/library/xml.rst:50
|
||
msgid ""
|
||
"The XML processing modules are not secure against maliciously constructed "
|
||
"data. An attacker can abuse vulnerabilities for e.g. denial of service "
|
||
"attacks, to access local files, to generate network connections to other "
|
||
"machines, or to or circumvent firewalls. The attacks on XML abuse unfamiliar "
|
||
"features like inline `DTD`_ (document type definition) with entities."
|
||
msgstr ""
|
||
|
||
#: ../Doc/library/xml.rst:56
|
||
msgid ""
|
||
"The following table gives an overview of the known attacks and if the "
|
||
"various modules are vulnerable to them."
|
||
msgstr ""
|
||
|
||
#: ../Doc/library/xml.rst:60
|
||
msgid "kind"
|
||
msgstr "type"
|
||
|
||
#: ../Doc/library/xml.rst:60
|
||
msgid "sax"
|
||
msgstr "sax"
|
||
|
||
#: ../Doc/library/xml.rst:60
|
||
msgid "etree"
|
||
msgstr "etree"
|
||
|
||
#: ../Doc/library/xml.rst:60
|
||
msgid "minidom"
|
||
msgstr "minidom"
|
||
|
||
#: ../Doc/library/xml.rst:60
|
||
msgid "pulldom"
|
||
msgstr "pulldom"
|
||
|
||
#: ../Doc/library/xml.rst:60
|
||
msgid "xmlrpc"
|
||
msgstr "xmlrpc"
|
||
|
||
#: ../Doc/library/xml.rst:62
|
||
msgid "billion laughs"
|
||
msgstr "*billion laughs*"
|
||
|
||
#: ../Doc/library/xml.rst:62 ../Doc/library/xml.rst:63
|
||
#: ../Doc/library/xml.rst:64 ../Doc/library/xml.rst:65
|
||
#: ../Doc/library/xml.rst:66
|
||
msgid "**Vulnerable**"
|
||
msgstr "**Vulnérable**"
|
||
|
||
#: ../Doc/library/xml.rst:63
|
||
msgid "quadratic blowup"
|
||
msgstr "*quadratic blowup*"
|
||
|
||
#: ../Doc/library/xml.rst:64 ../Doc/library/xml.rst:95
|
||
msgid "external entity expansion"
|
||
msgstr "*external entity expansion*"
|
||
|
||
#: ../Doc/library/xml.rst:64
|
||
msgid "Safe (1)"
|
||
msgstr "Sûr (1)"
|
||
|
||
#: ../Doc/library/xml.rst:64
|
||
msgid "Safe (2)"
|
||
msgstr "Sûr (2)"
|
||
|
||
#: ../Doc/library/xml.rst:64
|
||
msgid "Safe (3)"
|
||
msgstr "Sûr (3)"
|
||
|
||
#: ../Doc/library/xml.rst:65 ../Doc/library/xml.rst:100
|
||
msgid "`DTD`_ retrieval"
|
||
msgstr "Récupération de `DTD`_"
|
||
|
||
#: ../Doc/library/xml.rst:65 ../Doc/library/xml.rst:66
|
||
msgid "Safe"
|
||
msgstr "Sûr"
|
||
|
||
#: ../Doc/library/xml.rst:66 ../Doc/library/xml.rst:106
|
||
msgid "decompression bomb"
|
||
msgstr "*decompression bomb*"
|
||
|
||
#: ../Doc/library/xml.rst:69
|
||
msgid ""
|
||
":mod:`xml.etree.ElementTree` doesn't expand external entities and raises a "
|
||
"ParserError when an entity occurs."
|
||
msgstr ""
|
||
|
||
#: ../Doc/library/xml.rst:71
|
||
msgid ""
|
||
":mod:`xml.dom.minidom` doesn't expand external entities and simply returns "
|
||
"the unexpanded entity verbatim."
|
||
msgstr ""
|
||
":mod:`xml.dom.minidom` n'étend pas les entités externe et renvoie simplement "
|
||
"le verbatim de l'entité non étendu."
|
||
|
||
#: ../Doc/library/xml.rst:73
|
||
msgid ":mod:`xmlrpclib` doesn't expand external entities and omits them."
|
||
msgstr ":mod:`xmlrpclib` n'étend pas les entités externes et les omet."
|
||
|
||
#: ../Doc/library/xml.rst:81
|
||
msgid "billion laughs / exponential entity expansion"
|
||
msgstr "*billion laughs* / *exponential entity expansion*"
|
||
|
||
#: ../Doc/library/xml.rst:77
|
||
msgid ""
|
||
"The `Billion Laughs`_ attack -- also known as exponential entity expansion "
|
||
"-- uses multiple levels of nested entities. Each entity refers to another "
|
||
"entity several times, the final entity definition contains a small string. "
|
||
"Eventually the small string is expanded to several gigabytes. The "
|
||
"exponential expansion consumes lots of CPU time, too."
|
||
msgstr ""
|
||
|
||
#: ../Doc/library/xml.rst:88
|
||
msgid "quadratic blowup entity expansion"
|
||
msgstr "*quadratic blowup entity expansion*"
|
||
|
||
#: ../Doc/library/xml.rst:84
|
||
msgid ""
|
||
"A quadratic blowup attack is similar to a `Billion Laughs`_ attack; it "
|
||
"abuses entity expansion, too. Instead of nested entities it repeats one "
|
||
"large entity with a couple of thousand chars over and over again. The attack "
|
||
"isn't as efficient as the exponential case but it avoids triggering "
|
||
"countermeasures of parsers against heavily nested entities."
|
||
msgstr ""
|
||
|
||
#: ../Doc/library/xml.rst:91
|
||
msgid ""
|
||
"Entity declarations can contain more than just text for replacement. They "
|
||
"can also point to external resources by public identifiers or system "
|
||
"identifiers. System identifiers are standard URIs or can refer to local "
|
||
"files. The XML parser retrieves the resource with e.g. HTTP or FTP requests "
|
||
"and embeds the content into the XML document."
|
||
msgstr ""
|
||
|
||
#: ../Doc/library/xml.rst:98
|
||
msgid ""
|
||
"Some XML libraries like Python's :mod:`xml.dom.pulldom` retrieve document "
|
||
"type definitions from remote or local locations. The feature has similar "
|
||
"implications as the external entity expansion issue."
|
||
msgstr ""
|
||
"Certaines bibliothèques XML comme :mod:`xml.dom.pulldom` de Python récupère "
|
||
"les documents de définitions de types (DTD) depuis des emplacements distants "
|
||
"ou locaux. La fonctionnalité a des implications similaires que le problème "
|
||
"d'extension d'entités externes."
|
||
|
||
#: ../Doc/library/xml.rst:103
|
||
msgid ""
|
||
"The issue of decompression bombs (aka `ZIP bomb`_) apply to all XML "
|
||
"libraries that can parse compressed XML stream like gzipped HTTP streams or "
|
||
"LZMA-ed files. For an attacker it can reduce the amount of transmitted data "
|
||
"by three magnitudes or more."
|
||
msgstr ""
|
||
|
||
#: ../Doc/library/xml.rst:108
|
||
msgid ""
|
||
"The documentation of `defusedxml`_ on PyPI has further information about all "
|
||
"known attack vectors with examples and references."
|
||
msgstr ""
|
||
|
||
#: ../Doc/library/xml.rst:112
|
||
msgid "defused packages"
|
||
msgstr ""
|
||
|
||
#: ../Doc/library/xml.rst:114
|
||
msgid ""
|
||
"These external packages are recommended for any code that parses untrusted "
|
||
"XML data."
|
||
msgstr ""
|
||
|
||
#: ../Doc/library/xml.rst:117
|
||
msgid ""
|
||
"`defusedxml`_ is a pure Python package with modified subclasses of all "
|
||
"stdlib XML parsers that prevent any potentially malicious operation. The "
|
||
"package also ships with example exploits and extended documentation on more "
|
||
"XML exploits like xpath injection."
|
||
msgstr ""
|
||
|
||
#: ../Doc/library/xml.rst:122
|
||
msgid ""
|
||
"`defusedexpat`_ provides a modified libexpat and patched replacement :mod:"
|
||
"`pyexpat` extension module with countermeasures against entity expansion DoS "
|
||
"attacks. Defusedexpat still allows a sane and configurable amount of entity "
|
||
"expansions. The modifications will be merged into future releases of Python."
|
||
msgstr ""
|
||
|
||
#: ../Doc/library/xml.rst:127
|
||
msgid ""
|
||
"The workarounds and modifications are not included in patch releases as they "
|
||
"break backward compatibility. After all inline DTD and entity expansion are "
|
||
"well-defined XML features."
|
||
msgstr ""
|