…g initial migrations of contenttypes and auth Thanks Florian Apolloner for the report and Claude Paroz and Tim Graham for the review and help on the patch.
Thanks Tim Graham for the review.
This is a security fix. Disclosure following shortly. Thanks Keryn Knight for the report and initial patch.
This issue was fixed in master by refs #24072.
…nviron. This is a security fix. Disclosure following shortly. Thanks to Jedediah Smith for the report.
Thanks Max Demars for the report.
Thanks Laurent Payot for the report, and Markus Holtermann, Tim Graham for the reviews.
…sors. Thanks Collin for the review.
This is marginally better than crashing when several Django template engines are configured in a project. Refs #24125.
This change makes it possible to configure several Django template engines in a project and still use the admin. On the flip side the check is silently skipped when no Django template engine is configured.
A deprecation path is required because the return type of django.template.loader.get_template changed during the multiple template engines refactor. test_csrf_token_in_404 was incorrect: it tested the case when the hardcoded template was rendered, and that template doesn't depend on the CSRF token. This commit makes it test the case when a custom template is rendered.
Thanks Thomas Güttler for the report and the initial patch, and Tim Graham for the review.
…] isn't a list/tuple.