[Gateway] Google Translate proxy common policy (#24921)

Author: maxvp

src/content/docs/cloudflare-one/policies/gateway/http-policies/common-policies.mdx

@@ -467,6 +467,40 @@ Block file downloads from Gmail.
 
 </TabItem> </Tabs>
 
+### Block Google Translate proxy
+
+Block use of Google Translate to translate entire webpages.
+
+When translating a website, Google Translate proxies webpages with the `translate.goog` domain. Your users may be able to use this service to bypass other Gateway policies. If you block `translate.goog`, users will still be able to access other Google Translate features.
+
+<Tabs syncKey="dashPlusAPI"> <TabItem label="Dashboard">
+
+| Selector | Operator      | Value                      | Action |
+| -------- | ------------- | -------------------------- | ------ |
+| Domain   | matches regex | `^(.+\.)?translate\.goog$` | Block  |
+
+</TabItem>
+
+<TabItem label="API">
+
+<APIRequest
+	path="/accounts/{account_id}/gateway/rules"
+	method="POST"
+	json={{
+		name: "Block Google Translate for websites",
+		description: "Block use of Google Translate to translate entire webpages",
+		enabled: true,
+		action: "block",
+		filters: ["http"],
+		traffic:
+			'any(http.request.domains[*] matches "^(.+\\.)?translate\\.goog$")',
+		identity: "",
+		device_posture: "",
+	}}
+/>
+
+</TabItem> </Tabs>
+
 ## Filter WebSocket traffic
 
 Gateway does not inspect or log [WebSocket](https://datatracker.ietf.org/doc/html/rfc6455) traffic. Instead, Gateway will only log the HTTP details used to make the WebSocket connection, as well as [network session information](/logs/logpush/logpush-job/datasets/account/zero_trust_network_sessions/). To filter your WebSocket traffic, create a policy with the `101` HTTP response code.