michael@0: # Mixed Content Blocker michael@0: # LOCALIZATION NOTE: "%1$S" is the URI of the blocked mixed content resource michael@0: BlockMixedDisplayContent = Blocked loading mixed display content "%1$S" michael@0: BlockMixedActiveContent = Blocked loading mixed active content "%1$S" michael@0: michael@0: # CSP michael@0: ReportOnlyCSPIgnored=Report-only CSP policy will be ignored because there are other non-report-only CSP policies applied. michael@0: # LOCALIZATION NOTE: Do not translate "X-Content-Security-Policy", "X-Content-Security-Policy-Report-Only", "Content-Security-Policy" or "Content-Security-Policy-Report-Only" michael@0: OldCSPHeaderDeprecated=The X-Content-Security-Policy and X-Content-Security-Report-Only headers will be deprecated in the future. Please use the Content-Security-Policy and Content-Security-Report-Only headers with CSP spec compliant syntax instead. michael@0: # LOCALIZATION NOTE: Do not translate "X-Content-Security-Policy/Report-Only" or "Content-Security-Policy/Report-Only" michael@0: BothCSPHeadersPresent=This site specified both an X-Content-Security-Policy/Report-Only header and a Content-Security-Policy/Report-Only header. The X-Content-Security-Policy/Report-Only header(s) will be ignored. michael@0: michael@0: # CORS michael@0: CrossSiteRequestBlocked=Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at %1$S. This can be fixed by moving the resource to the same domain or enabling CORS. michael@0: michael@0: # LOCALIZATION NOTE: Do not translate "Strict-Transport-Security" or "HSTS" michael@0: InvalidSTSHeaders=The site specified an invalid Strict-Transport-Security header. michael@0: InsecurePasswordsPresentOnPage=Password fields present on an insecure (http://) page. This is a security risk that allows user login credentials to be stolen. michael@0: InsecureFormActionPasswordsPresent=Password fields present in a form with an insecure (http://) form action. This is a security risk that allows user login credentials to be stolen. michael@0: InsecurePasswordsPresentOnIframe=Password fields present on an insecure (http://) iframe. This is a security risk that allows user login credentials to be stolen. michael@0: LoadingMixedActiveContent=Loading mixed (insecure) active content on a secure page "%1$S" michael@0: LoadingMixedDisplayContent=Loading mixed (insecure) display content on a secure page "%1$S"