mirror of
				https://github.com/django/django.git
				synced 2025-10-25 22:56:12 +00:00 
			
		
		
		
	Avoided direct styles in admin templates.
Direct styles might be forbidden by Content Security Policies.
This commit is contained in:
		| @@ -17,7 +17,7 @@ | |||||||
| {% endif %} | {% endif %} | ||||||
| {% block content %}<div id="content-main"> | {% block content %}<div id="content-main"> | ||||||
| <form{% if form_url %} action="{{ form_url }}"{% endif %} method="post" id="{{ opts.model_name }}_form">{% csrf_token %}{% block form_top %}{% endblock %} | <form{% if form_url %} action="{{ form_url }}"{% endif %} method="post" id="{{ opts.model_name }}_form">{% csrf_token %}{% block form_top %}{% endblock %} | ||||||
| <input type="text" name="username" value="{{ original.get_username }}" style="display: none"> | <input type="text" name="username" value="{{ original.get_username }}" class="hidden"> | ||||||
| <div> | <div> | ||||||
| {% if is_popup %}<input type="hidden" name="_popup" value="1">{% endif %} | {% if is_popup %}<input type="hidden" name="_popup" value="1">{% endif %} | ||||||
| {% if form.errors %} | {% if form.errors %} | ||||||
|   | |||||||
| @@ -17,7 +17,7 @@ | |||||||
|  |  | ||||||
| <form method="post">{% csrf_token %} | <form method="post">{% csrf_token %} | ||||||
| <fieldset class="module aligned"> | <fieldset class="module aligned"> | ||||||
|     <input style="display: none;" autocomplete="username" value="{{ form.user.username }}"> |     <input class="hidden" autocomplete="username" value="{{ form.user.username }}"> | ||||||
|     <div class="form-row field-password1"> |     <div class="form-row field-password1"> | ||||||
|         {{ form.new_password1.errors }} |         {{ form.new_password1.errors }} | ||||||
|         <label for="id_new_password1">{% translate 'New password:' %}</label> |         <label for="id_new_password1">{% translate 'New password:' %}</label> | ||||||
|   | |||||||
| @@ -1170,7 +1170,7 @@ class AdminCustomTemplateTests(AdminViewBasicTestCase): | |||||||
|         # When a site has multiple passwords in the browser's password manager, |         # When a site has multiple passwords in the browser's password manager, | ||||||
|         # a browser pop up asks which user the new password is for. To prevent |         # a browser pop up asks which user the new password is for. To prevent | ||||||
|         # this, the username is added to the change password form. |         # this, the username is added to the change password form. | ||||||
|         self.assertContains(response, '<input type="text" name="username" value="super" style="display: none">') |         self.assertContains(response, '<input type="text" name="username" value="super" class="hidden">') | ||||||
|  |  | ||||||
|     def test_extended_bodyclass_template_index(self): |     def test_extended_bodyclass_template_index(self): | ||||||
|         """ |         """ | ||||||
|   | |||||||
| @@ -56,7 +56,7 @@ class AuthTemplateTests(TestCase): | |||||||
|         # browser's password managers. |         # browser's password managers. | ||||||
|         self.assertContains( |         self.assertContains( | ||||||
|             response, |             response, | ||||||
|             '<input style="display: none;" autocomplete="username" value="jsmith">', |             '<input class="hidden" autocomplete="username" value="jsmith">', | ||||||
|         ) |         ) | ||||||
|  |  | ||||||
|     def test_PasswordResetCompleteView(self): |     def test_PasswordResetCompleteView(self): | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user