From 187482d743c1bf27e32b43f37314607248106af4 Mon Sep 17 00:00:00 2001
From: Claude Paroz <claude@2xlibre.net>
Date: Tue, 10 Nov 2020 21:32:15 +0100
Subject: [PATCH] Avoided direct styles in admin templates.

Direct styles might be forbidden by Content Security Policies.
---
 .../admin/templates/admin/auth/user/change_password.html        | 2 +-
 .../admin/templates/registration/password_reset_confirm.html    | 2 +-
 tests/admin_views/tests.py                                      | 2 +-
 tests/auth_tests/test_templates.py                              | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/django/contrib/admin/templates/admin/auth/user/change_password.html b/django/contrib/admin/templates/admin/auth/user/change_password.html
index 895374deea..c107161a93 100644
--- a/django/contrib/admin/templates/admin/auth/user/change_password.html
+++ b/django/contrib/admin/templates/admin/auth/user/change_password.html
@@ -17,7 +17,7 @@
 {% endif %}
 {% block content %}<div id="content-main">
 <form{% if form_url %} action="{{ form_url }}"{% endif %} method="post" id="{{ opts.model_name }}_form">{% csrf_token %}{% block form_top %}{% endblock %}
-<input type="text" name="username" value="{{ original.get_username }}" style="display: none">
+<input type="text" name="username" value="{{ original.get_username }}" class="hidden">
 <div>
 {% if is_popup %}<input type="hidden" name="_popup" value="1">{% endif %}
 {% if form.errors %}
diff --git a/django/contrib/admin/templates/registration/password_reset_confirm.html b/django/contrib/admin/templates/registration/password_reset_confirm.html
index e587c6498c..b91bfb22bf 100644
--- a/django/contrib/admin/templates/registration/password_reset_confirm.html
+++ b/django/contrib/admin/templates/registration/password_reset_confirm.html
@@ -17,7 +17,7 @@
 
 <form method="post">{% csrf_token %}
 <fieldset class="module aligned">
-    <input style="display: none;" autocomplete="username" value="{{ form.user.username }}">
+    <input class="hidden" autocomplete="username" value="{{ form.user.username }}">
     <div class="form-row field-password1">
         {{ form.new_password1.errors }}
         <label for="id_new_password1">{% translate 'New password:' %}</label>
diff --git a/tests/admin_views/tests.py b/tests/admin_views/tests.py
index c958a9c955..6f47465c4a 100644
--- a/tests/admin_views/tests.py
+++ b/tests/admin_views/tests.py
@@ -1170,7 +1170,7 @@ class AdminCustomTemplateTests(AdminViewBasicTestCase):
         # When a site has multiple passwords in the browser's password manager,
         # a browser pop up asks which user the new password is for. To prevent
         # this, the username is added to the change password form.
-        self.assertContains(response, '<input type="text" name="username" value="super" style="display: none">')
+        self.assertContains(response, '<input type="text" name="username" value="super" class="hidden">')
 
     def test_extended_bodyclass_template_index(self):
         """
diff --git a/tests/auth_tests/test_templates.py b/tests/auth_tests/test_templates.py
index b9db10763c..866e4bd355 100644
--- a/tests/auth_tests/test_templates.py
+++ b/tests/auth_tests/test_templates.py
@@ -56,7 +56,7 @@ class AuthTemplateTests(TestCase):
         # browser's password managers.
         self.assertContains(
             response,
-            '<input style="display: none;" autocomplete="username" value="jsmith">',
+            '<input class="hidden" autocomplete="username" value="jsmith">',
         )
 
     def test_PasswordResetCompleteView(self):