4:["$","$L1b",null,{"locale":"ar","now":"$D2026-04-05T14:52:41.891Z","timeZone":"UTC","messages":{"nav":{"projects":"المشاريع","docs":"التوثيق","features":"الميزات","account":"الحساب","organizations":"المنظمات","staff":"الطاقم","blog":"المدونة","settings":"Settings","sidebarTitle":"App"},"common":{"pricingNoPayment":"CorsAPI مجاني بالكامل حاليًا؛ قد تُضاف لاحقًا خطط مدفوعة."},"authPage":{"brandLink":"Back to home","login":{"eyebrow":"Sign in","title":"Welcome back","subtitle":"Use your email or Google / GitHub to open the dashboard.","noAccount":"No account yet?","registerLink":"Create one","google":"Continue with Google","github":"Continue with GitHub","oauthDisabledHint":"Not configured on the server. Set GOOGLE_CLIENT_ID / GOOGLE_CLIENT_SECRET and GITHUB_CLIENT_ID / GITHUB_CLIENT_SECRET in the backend .env.","divider":"or continue with email","email":"Email","password":"Password","forgot":"Forgot password?","submit":"Sign in","submitting":"Signing in…","resendHint":"You can resend the verification email if it didn't arrive.","resend":"Resend verification email","configError":"Session signing is not configured (JWT_SECRET). Set environment variables before using auth in production.","verifyToast":"We sent a verification link. Check your inbox.","resendToast":"Request received. If the account exists and is unverified, an email will be sent.","legalNotice":"بتسجيل الدخول، فإنك توافق على شروط الخدمة وإشعار الخصوصية."},"register":{"eyebrow":"Create account","title":"Get started","subtitle":"أنشئ حسابك المجاني. سجّل باستخدام OAuth من Google/GitHub أو عبر البريد الإلكتروني.","hasAccount":"Already have an account?","loginLink":"Sign in","name":"Name (optional)","namePlaceholder":"Your name","email":"Email","password":"Password (min 8)","passwordPlaceholder":"At least 8 characters","passwordPolicy":"Use at least 8 characters for your password.","submit":"Create account","submitting":"Creating…","success":"Your account has been created.","legalNotice":"بإنشاء حساب، تؤكد أنك قرأت وتوافق على شروط الخدمة وإشعار الخصوصية."},"forgot":{"eyebrow":"Password","title":"Reset password","subtitle":"If SMTP is configured, we'll email you a reset link.","backLogin":"Back to sign in","email":"Email","submit":"Send link","submitting":"Sending…","toastOk":"If this email is registered, you'll receive reset instructions.","devTitle":"Development mode","devGoto":"Open reset page with this token"},"reset":{"eyebrow":"New password","title":"Choose a new password","subtitle":"Paste the token from your email and set a new password.","backLogin":"Back to sign in","token":"Reset token","password":"New password","submit":"Update password","submitting":"Saving…","toastOk":"Password updated. You can sign in."}},"seo":{"ogImageAlt":"CorsAPI — وسيط CORS وحصص وتحليلات API","breadcrumbHome":"الرئيسية","home":{"title":"CorsAPI — وسيط CORS وحصص وتحليلات API","description":"وجّه حركة المتصفح عبر وسيط CORS مُتحكم به: قوائم أصول، مفاتيح API، حصص بالدقيقة وتأخير p95. استضافة ذاتية. ابدأ بالمستوى المجاني.","keywords":"وسيط CORS, بوابة API, حد المعدل, API المتصفح, X-CorsAPI-Key, ترويسات الحصة, تحليلات API"},"docs":{"title":"التوثيق — دليل استخدام CorsAPI","description":"دليل استخدام المنتج الكامل (~10+ دقائق): اللوحة والمشاريع، أصول CORS، قوائم المضيف/المسار، مفاتيح API، أمثلة curl وfetch، الحصص، الأخطاء، الصحة وOpenAPI.","keywords":"توثيق CorsAPI, وسيط CORS, مفتاح API, دليل الاستخدام, X-RateLimit, curl, OpenAPI"},"privacy":{"title":"إشعار الخصوصية — CorsAPI","description":"كيف تُعالج CorsAPI بيانات الحساب والمشاريع وملخصات الاستخدام؛ حقوقك بموجب قوانين الخصوصية. المسؤوليات في النشر الذاتي.","keywords":"خصوصية CorsAPI, معالجة البيانات, استضافة ذاتية"},"terms":{"title":"شروط الاستخدام — CorsAPI","description":"شروط CorsAPI: الاستخدام المشروع، المحظورات، عدم المسؤولية عن إساءة الاستخدام على مواقع غير قانونية أو قمار دون علم، حدود المسؤولية.","keywords":"شروط CorsAPI, استخدام مقبول, سياسة وسيط API"},"features":{"title":"Features — CORS proxy, API gateway & observability for teams","description":"Explore CorsAPI: managed CORS and preflight, host and path allowlists, per-project API keys, per-minute quotas, p95 latency analytics, security policies, organizations, OpenAPI, health checks, and a documented free tier you can self-host.","keywords":"CorsAPI features, CORS proxy, API gateway, browser API access, rate limit, API keys, p95 latency, security policy, OpenAPI, self-hosted API proxy, observability"},"blog":{"title":"المدونة — أدلة CorsAPI حول CORS وواجهات API والوكلاء","description":"مقالات تقنية عن CORS والطلب المسبق وOAuth وحدود المعدل والمراقبة وتشغيل البوابات. بكل اللغات المدعومة.","keywords":"مدونة CORS, وكيل API, preflight, OAuth, rate limit, nginx CORS, GraphQL CORS, أدلة CorsAPI"}},"blogPage":{"heroEyebrow":"المدونة","heroTitle":"أدلة لواجهات متصفح أكثر أماناً","heroSubtitle":"تعمق في CORS والوكلاء وOAuth وبوابات الإنتاج — بكل لغة ندعمها.","linkDocs":"التوثيق","linkFeatures":"الميزات","pillarTitle":"ابدأ بهذه الأدلة","pillarSubtitle":"مقالات أساسية تربط التوثيق بإعداد الوكيل.","readArticle":"اقرأ المقال","backToBlog":"العودة إلى المدونة","published":"نُشر","updated":"حُدّث","minRead":"{minutes} دقيقة قراءة","relatedTitle":"مقالات ذات صلة"},"featuresPage":{"heroEyebrow":"Product","heroTitle":"A complete control plane for browser-safe API traffic","heroSubtitle":"Self-hosted CORS proxy with allowlists, quotas, API keys, observability, and team governance — so your frontends can call third-party APIs without turning your network into an open relay.","ctaRegister":"Create account","ctaDocs":"Read the guide","linkBlog":"Technical blog","linkHome":"Home","introTitle":"Why teams use CorsAPI for cross-origin API access","introP1":"Modern web apps constantly call payment, identity, analytics, and partner APIs. Browsers enforce the same-origin policy and CORS; misconfiguration shows up as silent failures in production. CorsAPI centralizes CORS rules, allowed upstream hosts and paths, and per-project rate limits so your product teams can ship faster without patching every upstream service.","introP2":"You keep data in your own infrastructure. The dashboard is where you create projects, list browser origins, define which DNS names and URL prefixes may be reached, and issue API keys. Traffic is attributed to a project key, so you can rotate credentials, read usage, and spot spikes before they become outages.","introP3":"Whether you run a single-page app, a mobile app with a WebView, or server-side workers that call the same proxy, the same policy model applies: explicit allowlists, quotas, and analytics — not a generic open proxy.","statsHeading":"Free tier at a glance","statsSub":"Numbers below reflect the active limits for new workspaces on this deployment. Use them when sizing staging and production projects.","stats":{"projectsLabel":"Projects per account","projectsDesc":"Separate workspaces for staging, production, or product lines.","rpmLabel":"Requests per minute (ceiling)","rpmDesc":"Per-project cap you can tune within the free-tier ceiling.","originsLabel":"Browser origins per project","originsDesc":"Localhost ports, preview URLs, and production domains."},"scenariosHeading":"Built for real delivery workflows","scenariosSub":"From local development to production rollouts — the same policy primitives apply.","scenario1Title":"Frontend teams shipping SPAs","scenario1Body":"List every origin you need in development and production, then tighten hosts and paths as integrations stabilize. The proxy tester in the dashboard reproduces the same CORS and policy behavior your users see.","scenario1B1":"Origin list covers localhost and preview deployments","scenario1B2":"Host and path rules prevent accidental wide-open calls","scenario1B3":"Quota headers help you throttle before hard errors","scenario2Title":"Platform & SRE operators","scenario2Body":"Health routes support readiness probes; daily usage and error rates highlight regressions. p95 latency samples alongside volume help you distinguish upstream slowness from client-side issues.","scenario2B1":"Health endpoints for liveness and readiness checks","scenario2B2":"Daily rollups for requests, errors, and latency","scenario2B3":"Per-project keys for clear ownership and rotation","scenario3Title":"Security-conscious organizations","scenario3Body":"Method allowlists, body size limits, header filtering, and optional hardening response headers reduce leakage and abuse. Organizations and roles keep governance aligned as teams grow.","scenario3B1":"Policy per project, not per ad-hoc server patch","scenario3B2":"Header filtering and IP controls where you enable them","scenario3B3":"Export and deletion workflows for privacy programs","groups":{"proxy":{"title":"Proxy & gateway","lead":"CORS, allowlists, and quotas — the traffic that leaves your browser or server passes through rules you define.","items":{"cors":{"title":"CORS & OPTIONS preflight","desc":"Define browser origins per line; the proxy emits CORS responses that match your project policy — no ad-hoc patches on upstream services."},"hosts":{"title":"Host & path allowlists","desc":"Only your approved upstream hosts and path prefixes are reachable. Not an open relay — traffic is constrained to rules you configure."},"keys":{"title":"API keys per project","desc":"Issue and revoke keys with prefixes; send X-CorsAPI-Key or Authorization: Bearer from browsers or servers within your free-tier limits."},"quota":{"title":"Per-minute quotas & headers","desc":"Set a configurable requests-per-minute cap per project; successful responses can include quota hints (e.g. X-RateLimit-* style headers)."}}},"observe":{"title":"Observability","lead":"See volume, errors, and latency in one place — before users open a ticket.","items":{"usage":{"title":"Daily usage & errors","desc":"Per-project daily rollups: request counts, 4xx/5xx breakdowns, and latency aggregates — so you see trends before users do."},"p95":{"title":"p95 latency samples","desc":"Track upstream slowness with percentile latency samples alongside volume — useful for SLOs and regressions."},"tester":{"title":"In-dashboard proxy tester","desc":"Send test requests through the proxy from the browser with method, URL, extra headers, and optional body — your CORS and policy rules apply."}}},"secure":{"title":"Security & policy","lead":"Tighten what methods, headers, and bodies can flow through the proxy for each project.","items":{"policy":{"title":"Per-project security policy","desc":"HTTP method allowlists, max body size, client IP allowlists, strip or block headers, upstream HTTPS expectations, timeouts, and redirect limits."},"headers":{"title":"Header filtering","desc":"Control which request headers reach upstream and which response headers return to the client — reduce cookie leakage and fingerprinting."},"stack":{"title":"Optional security response headers","desc":"Toggle common hardening headers on responses from the proxy to improve browser-side safety for your frontends."}}},"platform":{"title":"Platform & compliance","lead":"Accounts, teams, machine-readable API descriptions, and privacy-friendly operations.","items":{"orgs":{"title":"Organizations & roles","desc":"Collaborate with teams: workspaces, projects, and roles (owner, admin, member) for shared governance."},"auth":{"title":"Accounts & email verification","desc":"Sign-up with SMTP-backed verification where configured; password flows and session cookies for the dashboard."},"openapi":{"title":"OpenAPI & health endpoints","desc":"Machine-readable API descriptions for integrations; interactive docs when your deployment exposes them. Health routes such as /health/live and /health/ready for probes and deploys."},"tier":{"title":"Documented free-tier limits","desc":"Public GET /api/plan/limits returns active caps for projects, origins, keys, and quota — ideal for dashboards and post-deploy checks."},"privacy":{"title":"Data export & account deletion","desc":"Settings support export and account deletion workflows — important for GDPR-style and KVKK-aligned processes when you self-host data."}}}},"deepTitle":"How CorsAPI fits into your architecture","deepLead":"CorsAPI is not a generic HTTP tunnel. It is a policy-enforced proxy that sits between your clients and approved third-party APIs, with identity and quotas per project.","deepP1":"Browser clients send an Origin header; the proxy must allow that origin for the request to succeed. Server-side clients skip CORS but still must send a valid project key and obey host and path rules — so the same project can serve both public frontends and private workers without duplicating upstream configuration.","deepP2":"Quotas are enforced per minute per project key. That protects shared infrastructure and gives you a predictable lever when a partner API changes rate limits or when a release misbehaves. Response headers often include quota hints so well-behaved clients can back off before receiving HTTP 429.","deepP3":"For compliance, you control where the service runs and who can access the dashboard. OpenAPI and health endpoints help you automate verification; export and deletion workflows support data-subject processes when you operate on your own infrastructure.","faqHeading":"Frequently asked questions","faq":{"q1":"Is CorsAPI an open HTTP proxy?","a1":"No. Only upstream hosts and path prefixes you allow in a project can be reached. Requests must include a valid project API key and pass CORS and policy checks. That design prevents anonymous relay abuse.","q2":"Can I use the same project from browser and server?","a2":"Yes. Browser calls must send an allowed Origin; server calls typically omit Origin but still send the key. Many teams use separate keys for client-side and server-side traffic so rotation and quotas stay clear.","q3":"How do quotas work?","a3":"Each project has a per-minute request budget. Successful responses may include quota hints so clients can slow down. When the budget is exhausted, the service returns HTTP 429 until the window resets.","q4":"What observability do I get?","a4":"Per-project daily summaries include request counts, error breakdowns, and latency aggregates including p95 samples. Use them for SLOs and to spot regressions after deploys or vendor changes.","q5":"What about security hardening?","a5":"You can configure method allowlists, body size limits, header filtering, and optional hardening response headers per project. Combine with IP allowlists when your threat model requires it.","q6":"Where can I read more?","a6":"Start with the usage guide in the documentation, then explore the blog for CORS and gateway topics. The API reference describes proxy parameters and auxiliary routes for your deployment."},"ctaBandTitle":"Ready to try CorsAPI on your stack?","ctaBandSubtitle":"Create a free account, configure your first project, and run a test request from the dashboard in minutes."},"shell":{"login":"تسجيل الدخول","register":"إنشاء حساب","logout":"تسجيل الخروج","verifyBanner":"يُرجى تأكيد بريدك الإلكتروني؛ مطلوب لتسجيل الدخول وواجهة البرمجة.","verifySettings":"إعدادات الحساب","verifyResend":"إعادة إرسال رسالة التأكيد","userMenuAria":"Account menu","userMenuSettings":"Settings"},"errors":{"FREE_TIER_PROJECT_LIMIT":"لقد وصلتَ إلى حد الطبقة المجانية البالغ {maxProjects} مشروعًا. احذف مشروعًا لإنشاء آخر أو انتظر خططًا مدفوعة.","FREE_TIER_CORS_ORIGIN_LIMIT":"في الطبقة المجانية يُسمح بما لا يزيد عن {maxCorsOrigins} أصل متصفح لكل مشروع.","FREE_TIER_API_KEY_LIMIT":"في الطبقة المجانية يُسمح بما لا يزيد عن {maxApiKeysPerProject} مفتاح API نشط لكل مشروع. ألغِ مفتاحًا لإنشاء آخر."},"dashboard":{"loading":"جارٍ التحميل…","title":"مشاريعك","subtitle":"أنشئ مشروعًا جديدًا أو أدِر الحالية.","createTitle":"مشروع جديد","name":"اسم المشروع","description":"الوصف (اختياري)","create":"إنشاء","empty":"لا توجد مشاريع بعد.","open":"فتح","delete":"حذف","deleteTitle":"حذف المشروع","deleteConfirm":"سيتم حذف هذا المشروع والمفاتيح المرتبطة نهائيًا.","toastCreated":"تم إنشاء المشروع.","toastDeleted":"تم الحذف.","toastError":"حدث خطأ.","allProjects":"كل المشاريع","searchProjectsLabel":"البحث عن المشاريع","searchProjectsPlaceholder":"ابحث بالاسم أو الوصف...","manage":"إدارة","emptyHint":"لا توجد مشاريع بعد. أنشئ مشروعًا أعلاه.","noMatchingProjects":"لا توجد مشاريع مطابقة.","deleteDialogSuffix":"وجميع مفاتيح واجهة البرمجة لهذا المشروع ستُحذف نهائيًا. هل تريد المتابعة؟","confirmDelete":"حذف","cancel":"إلغاء","namePlaceholder":"مثال: واجهة الإنتاج أو بوابة الجوال","descPlaceholder":"وصف قصير: ما الغرض؟ (اختياري)","freeTierTitle":"الطبقة المجانية","freeTierProjects":"أقصى عدد مشاريع لكل حساب: {max}","freeTierRate":"أقصى حصة قابلة للتعديل (طلبات/دقيقة لكل مشروع): {max}","freeTierOrigins":"أقصى أصول CORS لكل مشروع: {max}","freeTierKeys":"أقصى مفاتيح API لكل مشروع: {max}","demoBadge":"مثال","demoProjectName":"مشروع تجريبي","demoProjectDesc":"مهيأ لواجهة GitHub العامة (`api.github.com`). استخدم اختبار الوسيط بمفتاحك — الهدف الافتراضي `/zen`.","demoModalTitle":"مفتاح API التجريبي","demoModalBody":"انسخ هذا السر مرة واحدة لتجربة وسيط الطلبات. المشروع التجريبي يسمح بـ `api.github.com` ويتضمن أصول CORS للتطوير المحلي.","demoModalCopy":"نسخ المفتاح","demoModalCopied":"تم النسخ","demoModalClose":"حسناً","demoModalOpenProject":"فتح المشروع التجريبي","demoSecretShow":"إظهار","demoSecretHide":"إخفاء","demoToastRevealCopied":"تم نسخ المفتاح إلى الحافظة."},"projectDetail":{"loading":"جارٍ التحميل…","notFound":"المشروع غير موجود.","save":"حفظ","saveRules":"حفظ القواعد","saveSecurity":"حفظ سياسة الأمان","toastMetaSaved":"تم تحديث بيانات المشروع.","toastCorsSaved":"تم حفظ CORS والحصة.","toastRulesSaved":"تم تحديث قواعد الوسيط.","toastSecuritySaved":"تم حفظ سياسة الأمان.","toastKeyRevoked":"تم إلغاء مفتاح API.","toastProjectDeleted":"تم حذف المشروع.","errSave":"تعذّر الحفظ.","errKeyCreate":"تعذّر إنشاء المفتاح.","errRevoke":"تعذّر الإلغاء.","errDelete":"تعذّر الحذف.","errMethods":"أدخل طريقة HTTP واحدة على الأقل.","errCopy":"تعذّر النسخ؛ حدّد النص يدويًا.","modalTitle":"تم إنشاء مفتاح API","modalBody":"يُعرض هذا السر مرة واحدة فقط. احفظه في مكان آمن؛ لا يمكن عرضه مجددًا.","secretLabel":"المفتاح السري","copy":"نسخ إلى الحافظة","copied":"تم النسخ","secretShow":"إظهار","secretHide":"إخفاء","toastRevealCopied":"تم نسخ المفتاح إلى الحافظة.","modalClose":"تم","backProjects":"← المشاريع","demoBanner":"هذا مشروعك التجريبي: تم السماح مسبقًا بـ GitHub `zen`. جرّب اختبار الوسيط في اللوحة.","jumpTo":"Jump to","chipRpm":"{n}/min","chipOrigins":"{n} origins","chipHosts":"{n} hosts","chipKeys":"{n} keys","deleteProject":"حذف المشروع","confirmRevokeTitle":"إلغاء مفتاح API","confirmDeleteTitle":"حذف المشروع","confirmRevokeBody":"سُلغى هذه المفتاح نهائيًا؛ لن تُقبل طلبات الوسيط التي تستخدمه.","confirmDeleteBody":"سيتم حذف المشروع {name} وجميع مفاتيح API المرتبطة. لا يمكن التراجع عن هذا الإجراء.","confirmRevoke":"إبطال المفتاح","confirmDelete":"نعم، احذف","cancel":"تراجع","secProject":"المشروع","fieldName":"الاسم","fieldDesc":"الوصف","namePlaceholder":"الاسم الظاهر في اللوحة","descPlaceholder":"ملاحظة اختيارية أو الغرض","secCors":"CORS والحصة","labelOrigins":"الأصول المسموحة (سطر لكل أصل)","originsPlaceholder":"http://localhost:3001\nhttps://yourapp.com","labelRateLimit":"حد الطلبات في الدقيقة","ratePlaceholder":"مثال: 60","secSecurity":"سياسة أمان API","securityIntro":"شدّد الطلبات عبر الوسيط: IP والطرق وحجم الجسم وترويسات التصفية وإلزام HTTPS. قائمة IP فارغة = كل المصادر.","labelMaxBody":"أقصى حجم للجسم (بايت)","phMaxBody":"مثال: 1048576 (1 م.ب)","labelTimeout":"مهلة upstream (مللي ثانية)","phTimeout":"مثال: 45000 (45 ث)","labelRedirects":"أقصى إعادة توجيه (0–10)","phRedirects":"0–10؛ 0 = بلا إعادة توجيه","labelMethods":"طرق HTTP المسموحة (سطر أو فاصلة)","phMethods":"GET\nPOST\nPUT\nأو: GET, POST, DELETE","labelIpAllow":"قائمة بيضاء لعناوين IP (فارغة = الكل)","phIpAllow":"203.0.113.10\n198.51.100.0/24\n(فارغ = كل العناوين)","ipHint":"خلف وسيط عكسي، يُستخدم أول قفزة في X-Forwarded-For كعميل.","labelBlockReq":"ترويسات لا تُرسل إلى upstream","phBlockReq":"cookie\nx-forwarded-host\n(اسم ترويسة لكل سطر)","labelStripRes":"ترويسات الاستجابة لا تُعاد للعميل","phStripRes":"set-cookie\nserver\n(تُزال من الاستجابة)","chkHttps":"HTTPS فقط للهدف (استثناء http على localhost)","chkSecHeaders":"ترويسات أمان استجابة (nosniff، X-Frame-Options…)","chkForwardAuth":"تمرير Authorization إلى upstream (باستثناء مفتاح CorsAPI)","secProxy":"الوسيط — المضيف والمسار","proxyIntro":"إذا كانت بادئات المسار فارغة، تُسمح بكل المسارات. أمثلة مسار:","labelHosts":"المضيفات","phHosts":"api.github.com\napi.stripe.com\n(مضيف لكل سطر)","labelPaths":"بادئات المسار (اختياري)","phPaths":"/zen\n/v1/users\n(فارغ = كل المسارات لهذا المضيف)","secKeys":"مفاتيح API","keysIntro":"أرسل السر كـ X-CorsAPI-Key أو Authorization: Bearer. يُعرض السر الكامل مرة واحدة فقط عند الإنشاء — احفظه بأمان.","keyNameLabel":"تسمية المفتاح","phKeyName":"مثال: الإنتاج — الجوال (تسميتك)","newKey":"إنشاء مفتاح","noKeys":"لا توجد مفاتيح API بعد. أنشئ مفتاحًا لاستخدام الوسيط أو اختبار الطلب أدناه.","noKeysHint":"يظهر في القائمة بادئة قصيرة فقط؛ لا يُعرض السر الكامل مرة أخرى.","keySecretUnavailable":"المفتاح الكامل غير متاح هنا — الخادم لا يخزّنه. تُذكَر فقط المفاتيح التي أنشأتها في جلسة هذا المتصفح حتى تُغلق التبويبة.","keyListRevealAria":"إظهار أو إخفاء مفتاح API الكامل","revoke":"إلغاء","keyCreatedLabel":"تاريخ الإنشاء","secUsage":"الاستخدام اليومي","thDate":"التاريخ","thRequests":"الطلبات","th4xx":"4xx","th5xx":"5xx","thAvg":"متوسط ملي","thP95":"p95 ملي","noUsage":"لا بيانات بعد.","secExample":"مثال","exampleCurl":"curl -H \"X-CorsAPI-Key: YOUR_SECRET\" \\\n \"{url}\""},"proxyTest":{"title":"اختبار الطلب","intro":"يرسل طلبات من المتصفح مباشرة إلى وسيط CorsAPI (مثل Postman). تُطبَّق قواعد الوسيط وقائمة أصول CORS وسياسة الأمان للمشروع.","originWarning":"يجب أن يكون أصل هذه الصفحة ({origin}) في قائمة أصول CORS للمشروع؛ وإلا قد تحصل على 403.","method":"الطريقة","targetUrl":"عنوان URL الهدف (upstream)","apiKeyLabel":"مفتاح API (سري)","apiKeyPlaceholder":"المفتاح الكامل الذي نسخته عند الإنشاء","rememberKey":"تذكّر المفتاح في جلسة المتصفح هذه (هذا التبويب/الجهاز فقط؛ في بيئة موثوقة)","extraHeaders":"ترويسات إضافية (اختياري)","extraHeadersHint":"سطر لكل Header-Name: value.","extraHeadersAuto":"يُضاف تلقائيًا.","bodyLabel":"جسم الطلب","bodyPlaceholder":"{{\n \"example\": true\n}}","send":"إرسال الطلب","sending":"جارٍ الإرسال…","response":"الاستجابة","emptyHint":"سيظهر النتيجة هنا.","responseHeaders":"ترويسات الاستجابة","body":"الجسم","noBody":"(لا يوجد جسم)","none":"(لا شيء)","toastNeedKey":"أدخل المفتاح السري. يُعرض مرة واحدة عند الإنشاء؛ أنشئ مفتاحًا جديدًا إذا فقدته.","toastNeedUrl":"عنوان URL الهدف (upstream) مطلوب.","toastSendFailed":"فشل الطلب (شبكة أو CORS).","panelNetworkError":"خطأ في الشبكة","panelFetchFailedHint":"محليًا: تأكد أن API Nest يعمل (المنفذ 3000 افتراضيًا). استخدم NEXT_PUBLIC_API_URL=/api في .env.local لاستدعاء Next (/api → الخادم الخلفي) وتقليل CORS. BACKEND_INTERNAL_URL إذا كان عنوان API مختلفًا.","showKey":"إظهار المفتاح","hideKey":"إخفاء المفتاح","toastKeyRevealCopied":"تم نسخ مفتاح API إلى الحافظة."},"onboardingTour":{"next":"التالي","prev":"السابق","done":"تم","step1Title":"المشروع","step1Body":"اسم المشروع ووصفه. مشاريع العرض التوضيحي مُعدّة مسبقًا للتجربة.","step2Title":"CORS والحصة","step2Body":"أضف أصول المتصفح سطرًا بسطر. إذا لم يكن أصل اللوحة في القائمة، يمنع المتصفح الطلب.","step3Title":"قواعد الوسيط","step3Body":"المضيفون الخلفيون المسموحون وبادئات المسار الاختيارية. يمكن استدعاء عناوين URL المطابقة فقط عبر الوسيط.","step4Title":"مفاتيح API","step4Body":"أنشئ مفتاحًا واحفظ السر بأمان — يُعرض مرة واحدة فقط. استخدم X-CorsAPI-Key أو Authorization: Bearer.","step5Title":"اختبار الطلب","step5Body":"أرسل طلب اختبار إلى الوسيط من المتصفح. تنطبق هنا نفس القواعد والمفاتيح.","step6Title":"الاستخدام اليومي","step6Body":"حجم الطلبات ومقاييس الاستجابة. بعد اختبار ناجح، تُحدَّث الجدول."},"organizations":{"title":"المنظمات","subtitle":"أدِر فريقك؛ تُربط المشاريع الجديدة بالمساحة الافتراضية ما لم تُحدد خلاف ذلك.","name":"الاسم","create":"إنشاء","role":"الدور","empty":"لا توجد منظمات إضافية بعد.","toastCreated":"تم إنشاء المنظمة.","roles":{"owner":"المالك","admin":"مسؤول","member":"عضو"}},"staff":{"title":"نظرة عامة للطاقم","users":"المستخدمون","organizations":"المنظمات","projects":"المشاريع"},"localeSwitcher":{"label":"اللغة","openMenu":"اختر اللغة","names":{"en":"English","tr":"Türkçe","es":"Español","ar":"العربية","ru":"Русский","az":"Azərbaycan"}},"home":{"hero":{"eyebrow":"CORS · حد المعدل · التحليلات","heroVideoBadge":"CORS · حد المعدل · التحليلات","heroHeadline1":"CorsAPI","heroHeadline2":"— وصول آمن إلى API","heroHeadline3":"من المتصفح.","titleRich":"CorsAPI — وصول آمن إلى API من المتصفح","subtitle":"قائمة مسموح بها للمضيف والمسار، وCORS، وحصص بالدقيقة، وسياسة أمان وتأخير p95 يومي — من لوحة واحدة. استضافة ذاتية.","pill1":"تم حل CORS","pill2":"الحصص وp95","pill3":"استضافة ذاتية","title":"بوابة API آمنة من المتصفح"},"mock":{"title":"طلب وسيط","line1":"GET /proxy?url=https://api.example.com/v1/resource","line2":"X-CorsAPI-Key: مفتاح_المشروع","line3":"Origin: https://yourapp.com","footnote":"تتضمن الاستجابات الناجحة تلميحات الحصة والحد في الرؤوس."},"stats":{"heading":"مبني لفرق الإنتاج","s1Label":"زمن الاستجابة p95","s1Desc":"عينات يومية لاكتشاف تراجع الأداء في الخدمة الخلفية مبكرًا.","s2Label":"حصص بالدقيقة","s2Desc":"429 عند التجاوز — احمِ واجهات upstream وميزانيتك.","s3Label":"بنيتك التحتية","s3Desc":"تبقى بيانات الحساب والمشروع في قاعدة البيانات التي تستضيفها."},"steps":{"heading":"كيف يعمل","intro":"جسر آمن من المتصفح إلى واجهة API في ثلاث خطوات: عرّف المشروع وأرسل المفتاح — تُطبَّق CORS والحصص والأمان تلقائيًا على كل طلب.","bullet1":"حدود origin والمضيف/المسار upstream في اللوحة","bullet2":"المصادقة عبر X-CorsAPI-Key أو Bearer","bullet3":"السياسة: preflight لـ CORS والحصص من مكان واحد","step1Title":"أنشئ مشروعًا","step1Desc":"عرّف أصول المتصفح والمضيفين upstream وبادئات المسار المسموحة.","step2Title":"أرسل مفتاح API","step2Desc":"استخدم X-CorsAPI-Key أو Authorization: Bearer من المتصفح أو الخادم.","step3Title":"وسيط مع سياسة","step3Desc":"تُطبَّق CORS والحصص والأمان تلقائيًا على كل طلب."},"bento":{"sub":"توقف عن إضافة وسيط CORS لكل خدمة صغيرة — اضبطه مرة واحدة من اللوحة."},"cta":{"start":"ابدأ مجانًا","docs":"التوثيق"},"features":{"heading":"كل ما تحتاجه للنشر بأمان","intro":"مسطح تحكم واحد لحركة المتصفح: قوائم ومراقبة وحدود.","cors":{"title":"CORS + وسيط","desc":"قائمة أصول وطلب OPTIONS مسبق — دون رؤوس مؤقتة في الخدمات الخلفية."},"host":{"title":"المضيف والمسار","desc":"المضيفون والبادئات المعرّفة فقط قابلة للوصول — وليس مرحلًا مفتوحًا."},"p95":{"title":"p95 والحصص","desc":"الطلبات اليومية و4xx/5xx والتأخير في مكان واحد."},"security":{"title":"سياسة الأمان","desc":"قوائم IP وحدود الطريقة والجسم وفلاتر الرؤوس من اللوحة."},"email":{"title":"تأكيد البريد","desc":"SMTP عند التسجيل وتدفقات إعادة تعيين كلمة المرور."},"kvkk":{"title":"خصوصية","desc":"تصدير البيانات وحذف الحساب من الإعدادات — مناسب لمسارات تشبه GDPR."}},"compare":{"heading":"لماذا لا نستدعي API مباشرة من المتصفح؟","withoutTitle":"استدعاءات مباشرة","withoutBody":"غالبًا ما يمنع CORS الطلبات عبر الأصول؛ الأسرار في العميل خطيرة؛ لا مراقبة مركزية.","withTitle":"عبر CorsAPI","withBody":"قوائم صريحة، ومفتاح على الحافة، وحصص لكل مسار ورؤية للتأخير — دون كشف بيانات upstream للمستخدمين."},"explore":{"eyebrow":"استكشف","title":"التوثيق والمنتج والمقالات الأساسية","subtitle":"ابدأ بالتوثيق والميزات، ثم احفظ هذه الأدلة المعمقة.","linkDocs":"التوثيق","linkFeatures":"الميزات","linkBlog":"المدونة","pillarHeading":"قراءات موصى بها"},"stack":{"heading":"أنت تملك المكدس","body":"خادم NestJS وMongoDB وSMTP اختياري — انشر على بنيتك واحتفظ بالبيانات تحت سيطرتك."},"faq":{"heading":"الأسئلة الشائعة","q1":"هل الاستخدام مجاني؟","a1":"نعم. سجّل وأنشئ مشاريع واستخدم الوسيط مجانًا. تنطبق حدود مشتركة للطبقة المجانية (راجع التوثيق و GET /api/plan/limits).","q2":"هل هو وسيط مفتوح؟","a2":"يُوجَّه فقط إلى قواعد المضيف والمسار التي تحددها؛ وليس مرحلًا مفتوحًا عشوائيًا.","q3":"أين أستخدم مفتاح API؟","a3":"باستخدام X-CorsAPI-Key أو Authorization: Bearer. راجع التوثيق لمثال curl.","q4":"أين بياناتي؟","a4":"بيانات الحساب والمشروع في قاعدة بياناتك. التصدير والحذف من الإعدادات.","q5":"هل يدعم الفرق؟","a5":"نعم. المؤسسات تتيح التعاون؛ ترتبط المشاريع بمساحة العمل مع أدوار المالك والمسؤول والعضو.","q6":"هل يوجد OpenAPI / Swagger؟","a6":"يعرض الخادم الخلفي OpenAPI. واجهة Swagger مغلقة افتراضيًا في الإنتاج؛ فعّلها بـ SWAGGER_ENABLED عند الجاهزية."},"freeTier":{"title":"ما يتضمنه المستوى المجاني","intro":"مشمول اليوم في كل حساب:","li1":"وسيط CORS مع قوائم مسموح بها للمضيف/المسار تتحكم بها","li2":"حصص بالدقيقة (قابلة للضبط حتى سقف المنصة)","li3":"مفاتيح API لكل مشروع (ضمن الحد)","li4":"استخدام يومي وعينات تأخير p95 في اللوحة","li5":"مشاريع ومؤسسات وخيارات سياسة أمان","li6":"OpenAPI من خادمك الخلفي — فعّل Swagger بـ SWAGGER_ENABLED عند الاستضافة"},"ctaBand":{"heading":"انشر أول مسار وسيط في دقائق","sub":"استكشف المشاريع والمفاتيح واللوحة.","primary":"إنشاء حساب","secondary":"قراءة التوثيق"},"footer":{"tagline":"CorsAPI — وسيط CORS وحصص وتحليلات API للواجهات الحديثة.","privacy":"الخصوصية","terms":"الشروط","docs":"التوثيق","followTitle":"وسائل التواصل","socialGithub":"GitHub","socialX":"X","socialLinkedin":"LinkedIn","colProduct":"المنتج","colLegal":"قانوني","register":"إنشاء حساب","login":"تسجيل الدخول","copyright":"© {year} CorsAPI"},"jsonLd":{"orgDesc":"أداة للمطورين: وسيط CORS وحصص وتحليلات API.","siteDesc":"بوابة API آمنة من المتصفح؛ إدارة CORS والحصص.","offerDesc":"مستوى مجاني"}},"privacy":{"back":"← الرئيسية","title":"إشعار الخصوصية","lastUpdated":"آخر تحديث: 24 مارس 2026","intro":"فيما يلي النص المرجعي باللغة الإنجليزية. النسخة التركية متوفرة في واجهة الموقع بالتركية.\n\n---\nThe English version below is the reference text for this locale. If you need a certified translation, consult a legal translator.\n\nThis Privacy Notice describes how personal data may be processed in connection with CorsAPI. For self‑hosted deployments, you or your organization may act as data controller and processing is primarily under your control.\n\nThis text is informational only and is not a substitute for legal advice regarding KVKK, GDPR, or other laws applicable to your situation.","s1Title":"Controller and processing context","s1Body":"If CorsAPI is offered as a hosted service, the operator may act as controller. In self‑hosted setups, you or your organization may be the controller. This notice covers data processed through the web UI and account management.","s2Title":"Categories of data","s2Body":"Identity and contact: name, email, and profile details from OAuth where applicable.\n\nAccount and security: password hashes, session/JWT‑related technical data.\n\nProject configuration: CORS origins, host/path rules, quotas, and security settings.\n\nUsage and analytics: request counts, error codes, latency summaries, logs (depending on configuration).\n\nProxy traffic: target URLs, headers, and response summaries; full payloads may not always be stored.","s3Title":"Purposes and legal bases","s3Body":"Purposes: account creation and authentication; abuse prevention; service delivery and improvement; legal compliance.\n\nLegal bases may include contract performance, legitimate interests, consent where required, or other grounds under GDPR/KVKK and local law.","s4Title":"Retention","s4Body":"Data is kept as long as necessary for the purposes above and any mandatory legal retention. You should cap retention for logs and analytics per your policies. On account deletion, data should be erased or anonymized subject to legal exceptions.","s5Title":"Sharing and subprocessors","s5Body":"Hosting, email delivery, and OAuth providers may process data on our behalf. Their privacy policies apply. International transfers require appropriate safeguards under applicable law.","s6Title":"Security","s6Body":"We aim to apply access controls, encryption in transit where appropriate, and secure development practices; no method of transmission over the Internet is completely secure.","s7Title":"Your rights","s7Body":"Depending on applicable law, you may have rights to access, rectify, erase, restrict processing, object, and data portability. Use account export/delete tools in settings or contact channels published on the site.","s8Title":"Cookies and similar technologies","s8Body":"We may use cookies or local storage for sessions and preferences. You can control these via browser settings; some features may be limited.","s9Title":"Children","s9Body":"The Service is not directed at individuals under 18. We do not knowingly collect data from children.","s10Title":"Changes and contact","s10Body":"This Notice may be updated. Material changes should be communicated by reasonable means. For questions, use the contact or support address published on the website."},"terms":{"back":"← الرئيسية","title":"شروط الخدمة","lastUpdated":"آخر تحديث: 24 مارس 2026","intro":"فيما يلي النص المرجعي باللغة الإنجليزية. النسخة التركية متوفرة في واجهة الموقع بالتركية.\n\n---\nThe English version below is the reference text for this locale. If you need a certified translation, consult a legal translator.\n\nThese Terms of Service (“Terms”) govern your use of the CorsAPI software/service (“Service”). Please read them carefully before using the Service.\n\nThis document is for general information only and does not constitute legal advice. You should obtain independent counsel for production deployments, regulated industries, or high‑risk use cases.","s1Title":"Agreement and acceptance","s1Body":"By creating an account, signing in, or otherwise accessing the Service, you confirm that you have read, understood, and agree to these Terms. If you do not agree, do not use the Service.\n\nIf any provision conflicts with mandatory consumer or data‑protection laws in your jurisdiction, the mandatory rules prevail.","s2Title":"Definitions","s2Body":"“You/User”: the natural or legal person accessing the Service.\n\n“Content and traffic”: requests, responses, configuration data, and logs/summaries processed through the Service.\n\n“Third‑party APIs”: external systems reached via the proxy/gateway; their use is governed solely by those third parties’ terms and applicable laws.","s3Title":"Nature of the Service; “as is”","s3Body":"CorsAPI is a developer tool for controlled routing of browser/client traffic using CORS rules, quotas, API keys, and related settings. Features, versions, and availability may change without prior notice.\n\nThe Service is provided “as is” and “as available”, without warranties of any kind, whether express or implied, including merchantability, fitness for a particular purpose, or uninterrupted operation.","s4Title":"Account, authentication, and security","s4Body":"You are responsible for safeguarding your credentials and for all activity under your account. If you suspect unauthorized access, change your password promptly and notify us through the published support channels.\n\nIf you use OAuth providers (e.g. Google, GitHub), their terms also apply.","s5Title":"Acceptable use","s5Body":"You will use the Service only in compliance with applicable laws, third‑party API terms, and your own configured allowlists (origins, hosts, paths, quotas, etc.).\n\nKeeping configurations accurate, meeting legal obligations (including privacy and sector rules), and providing required notices to your users are your responsibility.","s6Title":"Prohibited uses","s6Body":"Without limitation, the following are prohibited: (a) illegal activity under applicable law; (b) unauthorized access to third‑party systems, security circumvention, or abuse; (c) malware, fraud, identity theft, or spam; (d) child exploitation or distribution of harmful content; (e) unlawful gambling/betting or misuse of payment systems; (f) money laundering or terrorist financing.\n\nOperating the Service as an open, uncontrolled public proxy, or using it to infringe third‑party rights or mislead users, is prohibited.","s7Title":"Third‑party use; no duty to monitor; disclaimer","s7Body":"The Service is provided as technical infrastructure. We may not know your integrators, end users, or customers, and we cannot continuously verify the ultimate purpose of traffic. We have no obligation to detect or block use on illegal sites, gambling/betting platforms, or other unlawful purposes; we do not accept liability for such use, whether or not we were aware of it.\n\nWe do not perform full content inspection or continuous legal compliance scanning; preventing misuse relies primarily on your configuration and access controls.","s8Title":"Limitation of liability","s8Body":"To the maximum extent permitted by law, CorsAPI and its operators shall not be liable for indirect, incidental, special, consequential, or punitive damages, or for loss of data, revenue, goodwill, or third‑party claims.\n\nWe are not liable for outages, errors, misconfiguration, or unavailability of third‑party APIs.","s9Title":"Disclaimer of warranties","s9Body":"The Service is provided without warranties of any kind. No warranty is made regarding performance, error‑free operation, or compliance with specific regulatory frameworks (e.g. HIPAA, PCI‑DSS).","s10Title":"Indemnity","s10Body":"You agree to indemnify and hold harmless CorsAPI and its operators, directors, and employees from any claims, damages, penalties, and reasonable attorneys’ fees arising from your breach of these Terms, violation of law, or infringement of third‑party rights.","s11Title":"Termination, governing law, disputes, and changes","s11Body":"We may suspend or terminate your account or access with or without notice for breach or legal requirements.\n\nThese Terms are governed by the laws of the jurisdiction where CorsAPI is operated (e.g. Republic of Türkiye), excluding conflict‑of‑law rules where permitted. Mandatory consumer rights in your country of residence remain unaffected.\n\nMaterial changes should be communicated by reasonable means (e.g. site notice or email). Continued use after changes may constitute acceptance.\n\nFor legal notices, use the official contact/support channels published on the website."},"docs":{"title":"التوثيق","sidebarTitle":"التوثيق","navGuide":"دليل الاستخدام","tocTitle":"المحتويات","examplesSectionTitle":"أمثلة تعليمات برمجية ونقاط نهاية","swaggerIntro":"OpenAPI:","swaggerTail":"— في الإنتاج قيّد من يمكنه فتح الوثائق التفاعلية (مثلاً مصادقة أو شبكة خاصة) حتى لا يكون وصف API مكشوفاً للجميع.","backDashboard":"العودة إلى اللوحة"},"settingsPage":{"title":"Account settings","subtitle":"Update your profile, password, and data.","profileTitle":"Profile","displayName":"Display name","displayNamePlaceholder":"Your name","emailLabel":"Email","emailHint":"Email cannot be changed here.","linkedGoogle":"Signed in with Google","linkedGithub":"Signed in with GitHub","saveProfile":"Save changes","saving":"Saving…","profileSaved":"Profile updated.","passwordTitle":"Password","oauthNoPassword":"You use Google or GitHub to sign in. To use a password, contact support or add password support in a future release.","currentPassword":"Current password","newPassword":"New password","confirmPassword":"Confirm new password","changePassword":"Change password","changingPassword":"Updating…","passwordMismatch":"New passwords do not match.","passwordChanged":"Password updated. Please sign in again.","passwordWrong":"Could not change password. Check your current password.","verifyCardTitle":"Email verification","verifyCardBody":"Click the link in your inbox. If nothing arrived, resend the email.","verifyResend":"Resend verification email","verifyResendOk":"If the account exists and is unverified, a message was sent.","exportTitle":"Export data","exportBody":"Projects, proxy rules (keys masked), and recent usage as JSON.","exportBtn":"Download JSON","exporting":"…","exportOk":"Export downloaded.","dangerTitle":"Danger zone","dangerBody":"Deleting your account removes all projects and API keys permanently.","deleteBtn":"Delete account","deleteConfirmTitle":"Delete account permanently","deleteConfirmBody":"Your account and all projects will be removed. This cannot be undone.","deleteConfirmOk":"Yes, delete","deleteConfirmCancel":"Cancel","deleteOk":"Your account was deleted.","loadError":"Could not load account."}},"children":["$L1c","$L1d"]}]

المتصفحات

التصحيح