test0908
/
django
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Avoided direct styles in admin templates. 

Direct styles might be forbidden by Content Security Policies.
This commit is contained in:
Claude Paroz 2020-11-10 21:32:15 +01:00 committed by GitHub
parent 4cd77f97a2
commit 187482d743
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
django/contrib/admin/templates/admin/auth/user/change_password.html
View File

@ -17,7 +17,7 @@
{% endif %} {% endif %}
{% block content %}<div id="content-main"> {% block content %}<div id="content-main">
<form{% if form_url %} action="{{ form_url }}"{% endif %} method="post" id="{{ opts.model_name }}_form">{% csrf_token %}{% block form_top %}{% endblock %} <form{% if form_url %} action="{{ form_url }}"{% endif %} method="post" id="{{ opts.model_name }}_form">{% csrf_token %}{% block form_top %}{% endblock %}
<input type="text" name="username" value="{{ original.get_username }}" style="display: none"> <input type="text" name="username" value="{{ original.get_username }}" class="hidden">
<div> <div>
{% if is_popup %}<input type="hidden" name="_popup" value="1">{% endif %} {% if is_popup %}<input type="hidden" name="_popup" value="1">{% endif %}
{% if form.errors %} {% if form.errors %}

2
django/contrib/admin/templates/registration/password_reset_confirm.html
View File

@ -17,7 +17,7 @@
<form method="post">{% csrf_token %} <form method="post">{% csrf_token %}
<fieldset class="module aligned"> <fieldset class="module aligned">
<input style="display: none;" autocomplete="username" value="{{ form.user.username }}"> <input class="hidden" autocomplete="username" value="{{ form.user.username }}">
<div class="form-row field-password1"> <div class="form-row field-password1">
{{ form.new_password1.errors }} {{ form.new_password1.errors }}
<label for="id_new_password1">{% translate 'New password:' %}</label> <label for="id_new_password1">{% translate 'New password:' %}</label>

2
tests/admin_views/tests.py
View File

@ -1170,7 +1170,7 @@ class AdminCustomTemplateTests(AdminViewBasicTestCase):
# When a site has multiple passwords in the browser's password manager, # When a site has multiple passwords in the browser's password manager,
# a browser pop up asks which user the new password is for. To prevent # a browser pop up asks which user the new password is for. To prevent
# this, the username is added to the change password form. # this, the username is added to the change password form.
self.assertContains(response, '<input type="text" name="username" value="super" style="display: none">') self.assertContains(response, '<input type="text" name="username" value="super" class="hidden">')
def test_extended_bodyclass_template_index(self): def test_extended_bodyclass_template_index(self):
""" """

2
tests/auth_tests/test_templates.py
View File

@ -56,7 +56,7 @@ class AuthTemplateTests(TestCase):
# browser's password managers. # browser's password managers.
self.assertContains( self.assertContains(
response, response,
'<input style="display: none;" autocomplete="username" value="jsmith">', '<input class="hidden" autocomplete="username" value="jsmith">',
) )
def test_PasswordResetCompleteView(self): def test_PasswordResetCompleteView(self):