Spade

Mini Shell

Directory:~$ /home/lmsyaran/www/joomla5/administrator/language/en-GB/
Upload File
[Home] [System Details] [Kill Me]
Current File:~$ /home/lmsyaran/www/joomla5/administrator/language/en-GB/plg_system_httpheaders.ini

; Joomla! Project
; (C) 2018 Open Source Matters, Inc. <https://www.joomla.org>
; License GNU General Public License version 2 or later; see LICENSE.txt
; Note : All ini files need to be saved as UTF-8

PLG_SYSTEM_HTTPHEADERS="System - HTTP Headers" ; Do not translate
'HTTP Headers'
PLG_SYSTEM_HTTPHEADERS_ADDITIONAL_HEADER="Force HTTP Headers" ;
Do not translate 'HTTP Headers'
PLG_SYSTEM_HTTPHEADERS_ADDITIONAL_HEADER_KEY="HTTP Header" ; Do
not translate 'HTTP Header'
PLG_SYSTEM_HTTPHEADERS_ADDITIONAL_HEADER_VALUE="HTTP Header
Value" ; Do not translate 'HTTP Header'
PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY="<a
href='https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP'
target='_blank' rel='noopener noreferrer'>Content
Security Policy (CSP)</a>" ; Do not translate
PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_CLIENT="Client"
PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_FRAME_ANCESTORS_SELF_ENABLED="frame-ancestors
'self'" ; Do not translate
PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_FRAME_ANCESTORS_SELF_ENABLED_DESC="Enable
the CSP clickjacking protection frame-ancestors and only allow the origin
'self'. Please use the form below to allow origins other than
'self'."
PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_NONCE_ENABLED="<a
href='https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src'
target='_blank' rel='noopener
noreferrer'>Nonce</a>" ; Please only change the URL
PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_NONCE_ENABLED_DESC="Enable
the whitelist for specific inline scripts using a cryptographic nonce
(number used once) for all scripts and styles using the Joomla API.
Specifying a nonce makes a modern browser ignore 'unsafe-inline'
which should still be set for older browsers without nonce support."
PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_REPORT_ONLY_DESC="Use the
header 'Content-Security-Policy-Report-Only' instead of
'Content-Security-Policy'." ; Do not translate
'Content-Security-Policy' &
'Content-Security-Policy-Report-Only'
PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_REPORT_ONLY="Report-Only"
; Do not translate
PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_STRICT_DYNAMIC_ENABLED="strict-dynamic"
; Do not translate
PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_STRICT_DYNAMIC_ENABLED_DESC="The
strict-dynamic source expression specifies that the trust explicitly given
to a script present in the markup, by accompanying it with a nonce or a
hash, shall be propagated to all the scripts loaded by that root script. At
the same time, any allowed or source expressions such as 'self'
or 'unsafe-inline' will be ignored." ; Do not translate
'strict-dynamic', 'self' and 'unsafe-inline'
PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_SCRIPT_HASHES_ENABLED="<a
href='https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src'
target='_blank' rel='noopener noreferrer'>Script
hashes</a>" ; Please only change the URL
PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_SCRIPT_HASHES_ENABLED_DESC="Enable
the optional hash based whitelist inline scripts using a cryptographic hash
for all scripts using the Joomla API. Specifying hashes makes a modern
browser ignore 'unsafe-inline' which should still be set for
older browsers without hash support."
PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_STYLE_HASHES_ENABLED="<a
href='https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src'
target='_blank' rel='noopener noreferrer'>Style
hashes</a>" ; Please only change the URL
PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_STYLE_HASHES_ENABLED_DESC="Enable
the optional hash based whitelist inline styles using a cryptographic hash
for all styles using the Joomla API. Specifying hashes makes a modern
browser ignore 'unsafe-inline' which should still be set for
older browsers without hash support."
PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_VALUES="Add
Directive"
PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_VALUES_DIRECTIVE="Policy
Directive"
PLG_SYSTEM_HTTPHEADERS_CONTENTSECURITYPOLICY_VALUES_VALUE="Value"
PLG_SYSTEM_HTTPHEADERS_COOP="Cross-Origin-Opener-Policy" ; Do not
translate
PLG_SYSTEM_HTTPHEADERS_HEADER_CLIENT="Client"
PLG_SYSTEM_HTTPHEADERS_HEADER_CLIENT_BOTH="Both"
PLG_SYSTEM_HTTPHEADERS_HSTS="<a
href='https://hstspreload.org' target='_blank'
rel='noopener noreferrer'>HTTP Strict Transport Security
(HSTS)</a>" ; Do not translate
PLG_SYSTEM_HTTPHEADERS_HSTS_MAXAGE="max-age" ; Do not translate
PLG_SYSTEM_HTTPHEADERS_HSTS_MAXAGE_DESC="This option sets the time for
'max-age', it is specified in seconds. The default value is
31536000, which corresponds to one year" ; Please do not translate
'max-age'
PLG_SYSTEM_HTTPHEADERS_HSTS_PRELOAD="Preload" ; Do not translate
PLG_SYSTEM_HTTPHEADERS_HSTS_PRELOAD_DESC="This option activates the
opt-in for inclusion in so-called browser preload lists."
PLG_SYSTEM_HTTPHEADERS_HSTS_PRELOAD_NOTE="Important"
PLG_SYSTEM_HTTPHEADERS_HSTS_PRELOAD_NOTE_DESC="HSTS means that your
domain can no longer be called without HTTPS. Once added to the preload
list, this is not easy to undo. Domains can be removed, but it takes months
for users to make a change with a browser
update.<br><strong>This option is very important to prevent
'man-in-the-middle attacks', so it should be activated in any
case, but only if you are sure that HTTPS is supported for domain and all
subdomains in the long run! The value for 'max-age' must be set
to 63072000 (2 years) for recording.</strong>" ; Please do not
translate 'max-age'
PLG_SYSTEM_HTTPHEADERS_HSTS_SUBDOMAINS="Also for subdomains"
PLG_SYSTEM_HTTPHEADERS_HSTS_SUBDOMAINS_DESC="HSTS should also be
enabled <strong>for subdomains</strong> usually the subdomain
'www' is taken into account when creating the SSL certificate. If
further subdomains are used, please note that they are also provided with a
valid SSL certificate."
PLG_SYSTEM_HTTPHEADERS_POSTINSTALL_INTRODUCTION_ACTION="Enable default
security headers"
PLG_SYSTEM_HTTPHEADERS_POSTINSTALL_INTRODUCTION_BODY="<p>Joomla!
comes with a built-in set of tools that help you to handle http security
headers. These headers help your browser for example to protect your
website from <a
href='https://en.wikipedia.org/wiki/Cross-site_scripting'
target='_blank' rel='noopener
noreferrer'>XSS</a> and <a
href='https://en.wikipedia.org/wiki/Clickjacking'
target='_blank' rel='noopener
noreferrer'>Clickjacking</a> attacks.</p><p>You
can find more details in the <a
href='https://docs.joomla.org/Special:MyLanguage/J4.x:Http_Header_Management'
target='_blank' rel='noopener noreferrer'>HTTP
Header Management Tutorial in the Joomla!
Documentation.</a></p>"
PLG_SYSTEM_HTTPHEADERS_POSTINSTALL_INTRODUCTION_TITLE="HTTP Security
Headers"
PLG_SYSTEM_HTTPHEADERS_REFERRERPOLICY="<a
href='https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy'
target='_blank' rel='noopener
noreferrer'>Referrer-Policy</a>" ; Do not translate
PLG_SYSTEM_HTTPHEADERS_XFRAMEOPTIONS="<a
href='https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options'
target='_blank' rel='noopener
noreferrer'>X-Frame-Options</a>" ; Do not translate
PLG_SYSTEM_HTTPHEADERS_XML_DESCRIPTION="This Plugin helps you to set
the HTTP Security Headers" ; Please do not translate 'HTTP
Security Headers'