Re: Review of new English templates for Horizon (ie: OpenStack dashboard)
Thomas Goirand wrote:
> I've added the attached new template to Horizon. Please let me know if
> you see issues in it and send us the corrections.
A couple of minor ones - revised version and diff attached.
> Template: horizon/allowed-hosts
> Type: string
> _Description: List of allowed hostnames
> Enter the list of hostname that can be used to reach your OpenStack Dashboard
^
> server. This is a security measure to prevent HTTP Host header attacks, which
> are possible even under many seemingly-safe web server configurations.
Oh, yes, there's a trivial English error there: if the hostname was
singular it wouldn't make much of a list. While I'm fixing that we
might as well make it a bit less blunt:
Please enter the list of hostnames that can be used [...]
(Or is this commonly going to be a single permitted hostname? If so
then perhaps it should say "_Description: Allowed hostname(s)", but
I'll assume not.)
> .
> Enter values separated by comas. Any space will be removed, so you can add
> some to make it more readable.
Spelling: "commas". Perhaps a bit wordy, but not worth messing with.
> .
> Values in this list can be fully qualified names like www.example.com, in
^ ^
That should probably be in quotes, since later you use quotes to
distinguish valid strings from the hostnames they refer to. We've tended
to standardise on double- rather than single-quotes, though.
> which case they will be matched against the request's Host header exactly
> (case-insensitive, not including port). A value beginning with a period can be
> used as a subdomain wildcard: '.example.com' will match example.com,
> www.example.com, and any other subdomain of example.com. A value of '*' will
> match anything; in this case you are responsible to provide your own
for providing your own
> validation of the Host header (perhaps in a middleware; if so this middleware
> must be listed first in MIDDLEWARE).
English -ware words are never count nouns, so it's "in middleware" or
"in a middleware layer".
--
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package
# These templates have been reviewed by the debian-l10n-english
# team
#
# If modifications/additions/rewording are needed, please ask
# debian-l10n-english@lists.debian.org for advice.
#
# Even minor modifications require translation updates and such
# changes should be coordinated with translators and reviewers.
Template: horizon/allowed-hosts
Type: string
_Description: List of allowed hostnames
Please enter the list of hostnames that can be used to reach your OpenStack
Dashboard server. This is a security measure to prevent HTTP Host header attacks,
which are possible even under many seemingly-safe web server configurations.
.
Enter values separated by commas. Any space will be removed, so you can add
some to make it more readable.
.
Values in this list can be fully qualified names like "www.example.com", in
which case they will be matched against the request's Host header exactly
(case-insensitive, not including port). A value beginning with a period can be
used as a subdomain wildcard: ".example.com" will match example.com,
www.example.com, and any other subdomain of example.com. A value of "*" will
match anything; in this case you are responsible for providing your own
validation of the Host header (perhaps in middleware; if so this middleware
must be listed first in MIDDLEWARE).
--- openstack-dashboard.templates 2017-11-14 17:38:36.758820110 +0000
+++ openstack-dashboard.templates.jbr 2017-11-14 17:42:08.816280986 +0000
@@ -10,18 +10,18 @@
Template: horizon/allowed-hosts
Type: string
_Description: List of allowed hostnames
- Enter the list of hostname that can be used to reach your OpenStack Dashboard
- server. This is a security measure to prevent HTTP Host header attacks, which
- are possible even under many seemingly-safe web server configurations.
+ Please enter the list of hostnames that can be used to reach your OpenStack
+ Dashboard server. This is a security measure to prevent HTTP Host header attacks,
+ which are possible even under many seemingly-safe web server configurations.
.
- Enter values separated by comas. Any space will be removed, so you can add
+ Enter values separated by commas. Any space will be removed, so you can add
some to make it more readable.
.
- Values in this list can be fully qualified names like www.example.com, in
+ Values in this list can be fully qualified names like "www.example.com", in
which case they will be matched against the request's Host header exactly
(case-insensitive, not including port). A value beginning with a period can be
- used as a subdomain wildcard: '.example.com' will match example.com,
- www.example.com, and any other subdomain of example.com. A value of '*' will
- match anything; in this case you are responsible to provide your own
- validation of the Host header (perhaps in a middleware; if so this middleware
+ used as a subdomain wildcard: ".example.com" will match example.com,
+ www.example.com, and any other subdomain of example.com. A value of "*" will
+ match anything; in this case you are responsible for providing your own
+ validation of the Host header (perhaps in middleware; if so this middleware
must be listed first in MIDDLEWARE).
Reply to: