diff --git a/django/contrib/admin/sites.py b/django/contrib/admin/sites.py
index bb02cb08ace7..5fbc3a70ab7e 100644
--- a/django/contrib/admin/sites.py
+++ b/django/contrib/admin/sites.py
@@ -323,7 +323,7 @@ def each_context(self, request):
         For sites running on a subpath, use the SCRIPT_NAME value if site_url
         hasn't been customized.
         """
-        script_name = request.META["SCRIPT_NAME"]
+        script_name = request.meta["SCRIPT_NAME"]
         site_url = (
             script_name if self.site_url == "/" and script_name else self.site_url
         )
diff --git a/django/contrib/admindocs/middleware.py b/django/contrib/admindocs/middleware.py
index 5c9f08d0cc93..14ffd0e67c43 100644
--- a/django/contrib/admindocs/middleware.py
+++ b/django/contrib/admindocs/middleware.py
@@ -25,7 +25,7 @@ def process_view(self, request, view_func, view_args, view_kwargs):
                 "'django.contrib.auth.middleware.AuthenticationMiddleware'."
             )
         if request.method == "HEAD" and (
-            request.META.get("REMOTE_ADDR") in settings.INTERNAL_IPS
+            request.meta.get("REMOTE_ADDR") in settings.INTERNAL_IPS
             or (request.user.is_active and request.user.is_staff)
         ):
             response = HttpResponse()
diff --git a/django/contrib/auth/middleware.py b/django/contrib/auth/middleware.py
index 6b8dd4340e9f..4139f606262f 100644
--- a/django/contrib/auth/middleware.py
+++ b/django/contrib/auth/middleware.py
@@ -49,7 +49,7 @@ class RemoteUserMiddleware(MiddlewareMixin):
     """
 
     # Name of request header to grab username from.  This will be the key as
-    # used in the request.META dictionary, i.e. the normalization of headers to
+    # used in the request.meta dictionary, i.e. the normalization of headers to
     # all uppercase and the addition of "HTTP_" prefix apply.
     header = "REMOTE_USER"
     force_logout_if_no_header = True
@@ -65,7 +65,7 @@ def process_request(self, request):
                 " before the RemoteUserMiddleware class."
             )
         try:
-            username = request.META[self.header]
+            username = request.meta[self.header]
         except KeyError:
             # If specified header doesn't exist then remove any existing
             # authenticated remote-user, or return (leaving request.user set to
diff --git a/django/contrib/messages/api.py b/django/contrib/messages/api.py
index 7a67e8b4b097..95771dae4b3d 100644
--- a/django/contrib/messages/api.py
+++ b/django/contrib/messages/api.py
@@ -26,7 +26,7 @@ def add_message(request, level, message, extra_tags="", fail_silently=False):
     try:
         messages = request._messages
     except AttributeError:
-        if not hasattr(request, "META"):
+        if not hasattr(request, "meta"):
             raise TypeError(
                 "add_message() argument must be an HttpRequest object, not "
                 "'%s'." % request.__class__.__name__
diff --git a/django/core/exceptions.py b/django/core/exceptions.py
index 2a2288ff4dc9..ca073c0d8e03 100644
--- a/django/core/exceptions.py
+++ b/django/core/exceptions.py
@@ -60,7 +60,7 @@ class DisallowedRedirect(SuspiciousOperation):
 
 class TooManyFieldsSent(SuspiciousOperation):
     """
-    The number of fields in a GET or POST request exceeded
+    The number of fields in a request.query_params or POST request exceeded
     settings.DATA_UPLOAD_MAX_NUMBER_FIELDS.
     """
 
diff --git a/django/core/files/uploadhandler.py b/django/core/files/uploadhandler.py
index b6c185e8fc72..fc0764cff8d1 100644
--- a/django/core/files/uploadhandler.py
+++ b/django/core/files/uploadhandler.py
@@ -91,7 +91,7 @@ def handle_raw_input(
             :input_data:
                 An object that supports reading via .read().
             :META:
-                ``request.META``.
+                ``request.meta``.
             :content_length:
                 The (integer) value of the Content-Length header from the
                 client.
diff --git a/django/core/handlers/asgi.py b/django/core/handlers/asgi.py
index 7b0086fb765a..eb4c6c6ca4c0 100644
--- a/django/core/handlers/asgi.py
+++ b/django/core/handlers/asgi.py
@@ -71,7 +71,7 @@ def __init__(self, scope, body_file):
         query_string = self.scope.get("query_string", "")
         if isinstance(query_string, bytes):
             query_string = query_string.decode()
-        self.META = {
+        self.meta = {
             "REQUEST_METHOD": self.method,
             "QUERY_STRING": query_string,
             "SCRIPT_NAME": self.script_name,
@@ -81,16 +81,16 @@ def __init__(self, scope, body_file):
             "wsgi.multiprocess": True,
         }
         if self.scope.get("client"):
-            self.META["REMOTE_ADDR"] = self.scope["client"][0]
-            self.META["REMOTE_HOST"] = self.META["REMOTE_ADDR"]
-            self.META["REMOTE_PORT"] = self.scope["client"][1]
+            self.meta["REMOTE_ADDR"] = self.scope["client"][0]
+            self.meta["REMOTE_HOST"] = self.meta["REMOTE_ADDR"]
+            self.meta["REMOTE_PORT"] = self.scope["client"][1]
         if self.scope.get("server"):
-            self.META["SERVER_NAME"] = self.scope["server"][0]
-            self.META["SERVER_PORT"] = str(self.scope["server"][1])
+            self.meta["SERVER_NAME"] = self.scope["server"][0]
+            self.meta["SERVER_PORT"] = str(self.scope["server"][1])
         else:
-            self.META["SERVER_NAME"] = "unknown"
-            self.META["SERVER_PORT"] = "0"
-        # Headers go into META.
+            self.meta["SERVER_NAME"] = "unknown"
+            self.meta["SERVER_PORT"] = "0"
+        # Headers go into meta.
         for name, value in self.scope.get("headers", []):
             name = name.decode("latin1")
             if name == "content-length":
@@ -102,19 +102,19 @@ def __init__(self, scope, body_file):
             # HTTP/2 say only ASCII chars are allowed in headers, but decode
             # latin1 just in case.
             value = value.decode("latin1")
-            if corrected_name in self.META:
-                value = self.META[corrected_name] + "," + value
-            self.META[corrected_name] = value
+            if corrected_name in self.meta:
+                value = self.meta[corrected_name] + "," + value
+            self.meta[corrected_name] = value
         # Pull out request encoding, if provided.
-        self._set_content_type_params(self.META)
+        self._set_content_type_params(self.meta)
         # Directly assign the body file to be our stream.
         self._stream = body_file
         # Other bits.
         self.resolver_match = None
 
     @cached_property
-    def GET(self):
-        return QueryDict(self.META["QUERY_STRING"])
+    def query_params(self):
+        return QueryDict(self.meta["QUERY_STRING"])
 
     def _get_scheme(self):
         return self.scope.get("scheme") or super()._get_scheme()
@@ -137,7 +137,7 @@ def _get_files(self):
 
     @cached_property
     def COOKIES(self):
-        return parse_cookie(self.META.get("HTTP_COOKIE", ""))
+        return parse_cookie(self.meta.get("HTTP_COOKIE", ""))
 
     def close(self):
         super().close()
diff --git a/django/core/handlers/wsgi.py b/django/core/handlers/wsgi.py
index 9324af083ecd..ec99f960cebe 100644
--- a/django/core/handlers/wsgi.py
+++ b/django/core/handlers/wsgi.py
@@ -65,9 +65,9 @@ def __init__(self, environ):
         # http://test/something and http://test//something being different as
         # stated in RFC 3986.
         self.path = "%s/%s" % (script_name.rstrip("/"), path_info.replace("/", "", 1))
-        self.META = environ
-        self.META["PATH_INFO"] = path_info
-        self.META["SCRIPT_NAME"] = script_name
+        self.meta = environ
+        self.meta["PATH_INFO"] = path_info
+        self.meta["SCRIPT_NAME"] = script_name
         self.method = environ["REQUEST_METHOD"].upper()
         # Set content_type, content_params, and encoding.
         self._set_content_type_params(environ)
@@ -83,7 +83,7 @@ def _get_scheme(self):
         return self.environ.get("wsgi.url_scheme")
 
     @cached_property
-    def GET(self):
+    def query_params(self):
         # The WSGI spec says 'QUERY_STRING' may be absent.
         raw_query_string = get_bytes_from_wsgi(self.environ, "QUERY_STRING", "")
         return QueryDict(raw_query_string, encoding=self._encoding)
diff --git a/django/http/multipartparser.py b/django/http/multipartparser.py
index dfd406c35eac..963f48cdf542 100644
--- a/django/http/multipartparser.py
+++ b/django/http/multipartparser.py
@@ -54,12 +54,12 @@ class MultiPartParser:
 
     boundary_re = _lazy_re_compile(r"[ -~]{0,200}[!-~]")
 
-    def __init__(self, META, input_data, upload_handlers, encoding=None):
+    def __init__(self, meta, input_data, upload_handlers, encoding=None):
         """
         Initialize the MultiPartParser object.
 
-        :META:
-            The standard ``META`` dictionary in Django request objects.
+        :meta:
+            The standard ``meta`` dictionary in Django request objects.
         :input_data:
             The raw post data, as a file-like object.
         :upload_handlers:
@@ -69,7 +69,7 @@ def __init__(self, META, input_data, upload_handlers, encoding=None):
             The encoding with which to treat the incoming data.
         """
         # Content-Type should contain multipart and the boundary information.
-        content_type = META.get("CONTENT_TYPE", "")
+        content_type = meta.get("CONTENT_TYPE", "")
         if not content_type.startswith("multipart/"):
             raise MultiPartParserError("Invalid Content-Type: %s" % content_type)
 
@@ -92,7 +92,7 @@ def __init__(self, META, input_data, upload_handlers, encoding=None):
         # Content-Length should contain the length of the body we are about
         # to receive.
         try:
-            content_length = int(META.get("CONTENT_LENGTH", 0))
+            content_length = int(meta.get("CONTENT_LENGTH", 0))
         except (ValueError, TypeError):
             content_length = 0
 
@@ -108,7 +108,7 @@ def __init__(self, META, input_data, upload_handlers, encoding=None):
         possible_sizes = [x.chunk_size for x in upload_handlers if x.chunk_size]
         self._chunk_size = min([2**31 - 4] + possible_sizes)
 
-        self._meta = META
+        self._meta = meta
         self._encoding = encoding or settings.DEFAULT_CHARSET
         self._content_length = content_length
         self._upload_handlers = upload_handlers
@@ -202,7 +202,7 @@ def _parse(self):
                     # last boundary.
                     if settings.DATA_UPLOAD_MAX_NUMBER_FIELDS + 2 < num_post_keys:
                         raise TooManyFieldsSent(
-                            "The number of GET/POST parameters exceeded "
+                            "The number of query_params/POST parameters exceeded "
                             "settings.DATA_UPLOAD_MAX_NUMBER_FIELDS."
                         )
 
diff --git a/django/http/request.py b/django/http/request.py
index fe15a173be58..a074b4311e9a 100644
--- a/django/http/request.py
+++ b/django/http/request.py
@@ -41,9 +41,9 @@ class UnreadablePostError(OSError):
 
 class RawPostDataException(Exception):
     """
-    You cannot access raw_post_data from a request that has
+    You cannot access raw_post_data from a POST request that has a
     multipart/* POST data if it has been accessed via POST,
-    FILES, etc..
+    files, etc..
     """
 
     pass
@@ -52,7 +52,7 @@ class RawPostDataException(Exception):
 class HttpRequest:
     """A basic HTTP request."""
 
-    # The encoding used in GET/POST dicts. None means use default setting.
+    # The encoding used in query_params and POST dicts. None means use default setting.
     _encoding = None
     _upload_handlers = []
 
@@ -61,10 +61,10 @@ def __init__(self):
         # Any variable assignment made here should also happen in
         # `WSGIRequest.__init__()`.
 
-        self.GET = QueryDict(mutable=True)
+        self.query_params = QueryDict(mutable=True)
         self.POST = QueryDict(mutable=True)
         self.COOKIES = {}
-        self.META = {}
+        self.meta = {}
         self.FILES = MultiValueDict()
 
         self.path = ""
@@ -85,7 +85,7 @@ def __repr__(self):
 
     @cached_property
     def headers(self):
-        return HttpHeaders(self.META)
+        return HttpHeaders(self.meta)
 
     @cached_property
     def accepted_types(self):
@@ -116,13 +116,13 @@ def _get_raw_host(self):
         allowed hosts protection, so may return an insecure host.
         """
         # We try three options, in order of decreasing preference.
-        if settings.USE_X_FORWARDED_HOST and ("HTTP_X_FORWARDED_HOST" in self.META):
-            host = self.META["HTTP_X_FORWARDED_HOST"]
-        elif "HTTP_HOST" in self.META:
-            host = self.META["HTTP_HOST"]
+        if settings.USE_X_FORWARDED_HOST and ("HTTP_X_FORWARDED_HOST" in self.meta):
+            host = self.meta["HTTP_X_FORWARDED_HOST"]
+        elif "HTTP_HOST" in self.meta:
+            host = self.meta["HTTP_HOST"]
         else:
             # Reconstruct the host using the algorithm from PEP 333.
-            host = self.META["SERVER_NAME"]
+            host = self.meta["SERVER_NAME"]
             server_port = self.get_port()
             if server_port != ("443" if self.is_secure() else "80"):
                 host = "%s:%s" % (host, server_port)
@@ -152,10 +152,10 @@ def get_host(self):
 
     def get_port(self):
         """Return the port number for the request as a string."""
-        if settings.USE_X_FORWARDED_PORT and "HTTP_X_FORWARDED_PORT" in self.META:
-            port = self.META["HTTP_X_FORWARDED_PORT"]
+        if settings.USE_X_FORWARDED_PORT and "HTTP_X_FORWARDED_PORT" in self.meta:
+            port = self.meta["HTTP_X_FORWARDED_PORT"]
         else:
-            port = self.META["SERVER_PORT"]
+            port = self.meta["SERVER_PORT"]
         return str(port)
 
     def get_full_path(self, force_append_slash=False):
@@ -170,8 +170,8 @@ def _get_full_path(self, path, force_append_slash):
         return "%s%s%s" % (
             escape_uri_path(path),
             "/" if force_append_slash and not path.endswith("/") else "",
-            ("?" + iri_to_uri(self.META.get("QUERY_STRING", "")))
-            if self.META.get("QUERY_STRING", "")
+            ("?" + iri_to_uri(self.meta.get("QUERY_STRING", "")))
+            if self.meta.get("QUERY_STRING", "")
             else "",
         )
 
@@ -259,7 +259,7 @@ def scheme(self):
                     "The SECURE_PROXY_SSL_HEADER setting must be a tuple containing "
                     "two values."
                 )
-            header_value = self.META.get(header)
+            header_value = self.meta.get(header)
             if header_value is not None:
                 header_value, *_ = header_value.split(",", 1)
                 return "https" if header_value.strip() == secure_value else "http"
@@ -275,13 +275,13 @@ def encoding(self):
     @encoding.setter
     def encoding(self, val):
         """
-        Set the encoding used for GET/POST accesses. If the GET or POST
-        dictionary has already been created, remove and recreate it on the
-        next access (so that it is decoded correctly).
+        Set the encoding used for query_params/POST accesses. If the query_params or
+        POST dictionary has already been created, remove and recreate it on the next
+        access (so that it is decoded correctly).
         """
         self._encoding = val
-        if hasattr(self, "GET"):
-            del self.GET
+        if hasattr(self, "query_params"):
+            del self.query_params
         if hasattr(self, "_post"):
             del self._post
 
@@ -307,7 +307,7 @@ def upload_handlers(self, upload_handlers):
             )
         self._upload_handlers = upload_handlers
 
-    def parse_file_upload(self, META, post_data):
+    def parse_file_upload(self, meta, post_data):
         """Return a tuple of (POST QueryDict, FILES MultiValueDict)."""
         self.upload_handlers = ImmutableList(
             self.upload_handlers,
@@ -316,7 +316,7 @@ def parse_file_upload(self, META, post_data):
                 "processed."
             ),
         )
-        parser = MultiPartParser(META, post_data, self.upload_handlers, self.encoding)
+        parser = MultiPartParser(meta, post_data, self.upload_handlers, self.encoding)
         return parser.parse()
 
     @property
@@ -330,7 +330,7 @@ def body(self):
             # Limit the maximum request data size that will be handled in-memory.
             if (
                 settings.DATA_UPLOAD_MAX_MEMORY_SIZE is not None
-                and int(self.META.get("CONTENT_LENGTH") or 0)
+                and int(self.meta.get("CONTENT_LENGTH") or 0)
                 > settings.DATA_UPLOAD_MAX_MEMORY_SIZE
             ):
                 raise RequestDataTooBig(
@@ -369,7 +369,7 @@ def _load_post_and_files(self):
             else:
                 data = self
             try:
-                self._post, self._files = self.parse_file_upload(self.META, data)
+                self._post, self._files = self.parse_file_upload(self.meta, data)
             except (MultiPartParserError, TooManyFilesSent):
                 # An error occurred while parsing POST data. Since when
                 # formatting the error the request handler might access
@@ -427,6 +427,38 @@ def __iter__(self):
     def readlines(self):
         return list(self)
 
+    @property
+    def GET(self):
+        return self.query_params
+
+    @GET.setter
+    def GET(self, value):
+        self.query_params = value
+
+    @property
+    def COOKIES(self):
+        return self.cookies
+
+    @COOKIES.setter
+    def COOKIES(self, value):
+        self.cookies = value
+
+    @property
+    def META(self):
+        return self.meta
+
+    @META.setter
+    def META(self, value):
+        self.meta = value
+
+    @property
+    def FILES(self):
+        return self.files
+
+    @FILES.setter
+    def FILES(self, value):
+        self.files = value
+
 
 class HttpHeaders(CaseInsensitiveMapping):
     HTTP_PREFIX = "HTTP_"
@@ -483,7 +515,7 @@ class QueryDict(MultiValueDict):
     """
     A specialized MultiValueDict which represents a query string.
 
-    A QueryDict can be used to represent GET or POST data. It subclasses
+    A QueryDict can be used to represent query_params or POST data. It subclasses
     MultiValueDict since keys in such data can be repeated, for instance
     in the data from a form with a <select multiple> field.
 
@@ -524,7 +556,7 @@ def __init__(self, query_string=None, mutable=False, encoding=None):
             # the exception was raised by exceeding the value of max_num_fields
             # instead of fragile checks of exception message strings.
             raise TooManyFieldsSent(
-                "The number of GET/POST parameters exceeded "
+                "The number of query_params/POST parameters exceeded "
                 "settings.DATA_UPLOAD_MAX_NUMBER_FIELDS."
             ) from e
         self._mutable = mutable
diff --git a/django/middleware/common.py b/django/middleware/common.py
index 9f71b9d27885..fe860d747e2a 100644
--- a/django/middleware/common.py
+++ b/django/middleware/common.py
@@ -38,7 +38,7 @@ def process_request(self, request):
         """
 
         # Check for denied User-Agents
-        user_agent = request.META.get("HTTP_USER_AGENT")
+        user_agent = request.meta.get("HTTP_USER_AGENT")
         if user_agent is not None:
             for user_agent_regex in settings.DISALLOWED_USER_AGENTS:
                 if user_agent_regex.search(user_agent):
@@ -121,11 +121,11 @@ def process_response(self, request, response):
         if response.status_code == 404 and not settings.DEBUG:
             domain = request.get_host()
             path = request.get_full_path()
-            referer = request.META.get("HTTP_REFERER", "")
+            referer = request.meta.get("HTTP_REFERER", "")
 
             if not self.is_ignorable_request(request, path, domain, referer):
-                ua = request.META.get("HTTP_USER_AGENT", "<none>")
-                ip = request.META.get("REMOTE_ADDR", "<none>")
+                ua = request.meta.get("HTTP_USER_AGENT", "<none>")
+                ip = request.meta.get("REMOTE_ADDR", "<none>")
                 mail_managers(
                     "Broken %slink on %s"
                     % (
diff --git a/django/middleware/csrf.py b/django/middleware/csrf.py
index 2c0d2cc12061..90dd494691c1 100644
--- a/django/middleware/csrf.py
+++ b/django/middleware/csrf.py
@@ -81,9 +81,9 @@ def _unmask_cipher_token(token):
 
 
 def _add_new_csrf_cookie(request):
-    """Generate a new random CSRF_COOKIE value, and add it to request.META."""
+    """Generate a new random CSRF_COOKIE value, and add it to request.meta."""
     csrf_secret = _get_new_csrf_string()
-    request.META.update(
+    request.meta.update(
         {
             "CSRF_COOKIE": csrf_secret,
             "CSRF_COOKIE_NEEDS_UPDATE": True,
@@ -102,12 +102,12 @@ def get_token(request):
     header to the outgoing response.  For this reason, you may need to use this
     function lazily, as is done by the csrf context processor.
     """
-    if "CSRF_COOKIE" in request.META:
-        csrf_secret = request.META["CSRF_COOKIE"]
+    if "CSRF_COOKIE" in request.meta:
+        csrf_secret = request.meta["CSRF_COOKIE"]
         # Since the cookie is being used, flag to send the cookie in
         # process_response() (even if the client already has it) in order to
         # renew the expiry timer.
-        request.META["CSRF_COOKIE_NEEDS_UPDATE"] = True
+        request.meta["CSRF_COOKIE_NEEDS_UPDATE"] = True
     else:
         csrf_secret = _add_new_csrf_cookie(request)
     return _mask_cipher_secret(csrf_secret)
@@ -251,12 +251,12 @@ def _get_secret(self, request):
 
     def _set_csrf_cookie(self, request, response):
         if settings.CSRF_USE_SESSIONS:
-            if request.session.get(CSRF_SESSION_KEY) != request.META["CSRF_COOKIE"]:
-                request.session[CSRF_SESSION_KEY] = request.META["CSRF_COOKIE"]
+            if request.session.get(CSRF_SESSION_KEY) != request.meta["CSRF_COOKIE"]:
+                request.session[CSRF_SESSION_KEY] = request.meta["CSRF_COOKIE"]
         else:
             response.set_cookie(
                 settings.CSRF_COOKIE_NAME,
-                request.META["CSRF_COOKIE"],
+                request.meta["CSRF_COOKIE"],
                 max_age=settings.CSRF_COOKIE_AGE,
                 domain=settings.CSRF_COOKIE_DOMAIN,
                 path=settings.CSRF_COOKIE_PATH,
@@ -268,7 +268,7 @@ def _set_csrf_cookie(self, request, response):
             patch_vary_headers(response, ("Cookie",))
 
     def _origin_verified(self, request):
-        request_origin = request.META["HTTP_ORIGIN"]
+        request_origin = request.meta["HTTP_ORIGIN"]
         try:
             good_host = request.get_host()
         except DisallowedHost:
@@ -294,7 +294,7 @@ def _origin_verified(self, request):
         )
 
     def _check_referer(self, request):
-        referer = request.META.get("HTTP_REFERER")
+        referer = request.meta.get("HTTP_REFERER")
         if referer is None:
             raise RejectRequest(REASON_NO_REFERER)
 
@@ -380,7 +380,7 @@ def _check_token(self, request):
                 # depending on whether the client obtained the token from
                 # the DOM or the cookie (and if the cookie, whether the cookie
                 # was masked or unmasked).
-                request_csrf_token = request.META[settings.CSRF_HEADER_NAME]
+                request_csrf_token = request.meta[settings.CSRF_HEADER_NAME]
             except KeyError:
                 raise RejectRequest(REASON_CSRF_TOKEN_MISSING)
             token_source = settings.CSRF_HEADER_NAME
@@ -408,13 +408,13 @@ def process_request(self, request):
                 # masked, this also causes it to be replaced with the unmasked
                 # form, but only in cases where the secret is already getting
                 # saved anyways.
-                request.META["CSRF_COOKIE"] = csrf_secret
+                request.meta["CSRF_COOKIE"] = csrf_secret
 
     def process_view(self, request, callback, callback_args, callback_kwargs):
         if getattr(request, "csrf_processing_done", False):
             return None
 
-        # Wait until request.META["CSRF_COOKIE"] has been manipulated before
+        # Wait until request.meta["CSRF_COOKIE"] has been manipulated before
         # bailing out, so that get_token still works
         if getattr(callback, "csrf_exempt", False):
             return None
@@ -432,10 +432,10 @@ def process_view(self, request, callback, callback_args, callback_kwargs):
 
         # Reject the request if the Origin header doesn't match an allowed
         # value.
-        if "HTTP_ORIGIN" in request.META:
+        if "HTTP_ORIGIN" in request.meta:
             if not self._origin_verified(request):
                 return self._reject(
-                    request, REASON_BAD_ORIGIN % request.META["HTTP_ORIGIN"]
+                    request, REASON_BAD_ORIGIN % request.meta["HTTP_ORIGIN"]
                 )
         elif request.is_secure():
             # If the Origin header wasn't provided, reject HTTPS requests if
@@ -468,7 +468,7 @@ def process_view(self, request, callback, callback_args, callback_kwargs):
         return self._accept(request)
 
     def process_response(self, request, response):
-        if request.META.get("CSRF_COOKIE_NEEDS_UPDATE"):
+        if request.meta.get("CSRF_COOKIE_NEEDS_UPDATE"):
             self._set_csrf_cookie(request, response)
             # Unset the flag to prevent _set_csrf_cookie() from being
             # unnecessarily called again in process_response() by other
@@ -477,6 +477,6 @@ def process_response(self, request, response):
             # CSRF_COOKIE_NEEDS_UPDATE is still respected in subsequent calls
             # e.g. in case rotate_token() is called in process_response() later
             # by custom middleware but before those subsequent calls.
-            request.META["CSRF_COOKIE_NEEDS_UPDATE"] = False
+            request.meta["CSRF_COOKIE_NEEDS_UPDATE"] = False
 
         return response
diff --git a/django/middleware/gzip.py b/django/middleware/gzip.py
index 45be6ccb437b..e0ede7d2565a 100644
--- a/django/middleware/gzip.py
+++ b/django/middleware/gzip.py
@@ -26,7 +26,7 @@ def process_response(self, request, response):
 
         patch_vary_headers(response, ("Accept-Encoding",))
 
-        ae = request.META.get("HTTP_ACCEPT_ENCODING", "")
+        ae = request.meta.get("HTTP_ACCEPT_ENCODING", "")
         if not re_accepts_gzip.search(ae):
             return response
 
diff --git a/django/template/context_processors.py b/django/template/context_processors.py
index 32753032fc04..606f87f31e8c 100644
--- a/django/template/context_processors.py
+++ b/django/template/context_processors.py
@@ -38,7 +38,7 @@ def debug(request):
     Return context variables helpful for debugging.
     """
     context_extras = {}
-    if settings.DEBUG and request.META.get("REMOTE_ADDR") in settings.INTERNAL_IPS:
+    if settings.DEBUG and request.meta.get("REMOTE_ADDR") in settings.INTERNAL_IPS:
         context_extras["debug"] = True
         from django.db import connections
 
diff --git a/django/utils/cache.py b/django/utils/cache.py
index cf797d0279a4..72a33823b242 100644
--- a/django/utils/cache.py
+++ b/django/utils/cache.py
@@ -166,13 +166,13 @@ def get_conditional_response(request, etag=None, last_modified=None, response=No
         return response
 
     # Get HTTP request headers.
-    if_match_etags = parse_etags(request.META.get("HTTP_IF_MATCH", ""))
-    if_unmodified_since = request.META.get("HTTP_IF_UNMODIFIED_SINCE")
+    if_match_etags = parse_etags(request.meta.get("HTTP_IF_MATCH", ""))
+    if_unmodified_since = request.meta.get("HTTP_IF_UNMODIFIED_SINCE")
     if_unmodified_since = if_unmodified_since and parse_http_date_safe(
         if_unmodified_since
     )
-    if_none_match_etags = parse_etags(request.META.get("HTTP_IF_NONE_MATCH", ""))
-    if_modified_since = request.META.get("HTTP_IF_MODIFIED_SINCE")
+    if_none_match_etags = parse_etags(request.meta.get("HTTP_IF_NONE_MATCH", ""))
+    if_modified_since = request.meta.get("HTTP_IF_MODIFIED_SINCE")
     if_modified_since = if_modified_since and parse_http_date_safe(if_modified_since)
 
     # Evaluation of request preconditions below follows RFC 9110 Section
@@ -350,7 +350,7 @@ def _generate_cache_key(request, method, headerlist, key_prefix):
     """Return a cache key from the headers given in the header list."""
     ctx = md5(usedforsecurity=False)
     for header in headerlist:
-        value = request.META.get(header)
+        value = request.meta.get(header)
         if value is not None:
             ctx.update(value.encode())
     url = md5(request.build_absolute_uri().encode("ascii"), usedforsecurity=False)
diff --git a/django/utils/log.py b/django/utils/log.py
index fd0cc1bdc1ff..f3b6b9c1db12 100644
--- a/django/utils/log.py
+++ b/django/utils/log.py
@@ -98,7 +98,7 @@ def emit(self, record):
                 record.levelname,
                 (
                     "internal"
-                    if request.META.get("REMOTE_ADDR") in settings.INTERNAL_IPS
+                    if request.meta.get("REMOTE_ADDR") in settings.INTERNAL_IPS
                     else "EXTERNAL"
                 ),
                 record.getMessage(),
diff --git a/django/utils/translation/trans_real.py b/django/utils/translation/trans_real.py
index 872c80b00f73..91436ffaece5 100644
--- a/django/utils/translation/trans_real.py
+++ b/django/utils/translation/trans_real.py
@@ -571,7 +571,7 @@ def get_language_from_request(request, check_path=False):
     except LookupError:
         pass
 
-    accept = request.META.get("HTTP_ACCEPT_LANGUAGE", "")
+    accept = request.meta.get("HTTP_ACCEPT_LANGUAGE", "")
     for accept_lang, unused in parse_accept_lang_header(accept):
         if accept_lang == "*":
             break
diff --git a/django/views/debug.py b/django/views/debug.py
index c1265bfe6be3..d5cc15f8d27f 100644
--- a/django/views/debug.py
+++ b/django/views/debug.py
@@ -158,11 +158,11 @@ def get_safe_settings(self):
 
     def get_safe_request_meta(self, request):
         """
-        Return a dictionary of request.META with sensitive values redacted.
+        Return a dictionary of request.meta with sensitive values redacted.
         """
-        if not hasattr(request, "META"):
+        if not hasattr(request, "meta"):
             return {}
-        return {k: self.cleanse_setting(k, v) for k, v in request.META.items()}
+        return {k: self.cleanse_setting(k, v) for k, v in request.meta.items()}
 
     def get_safe_cookies(self, request):
         """
diff --git a/django/views/decorators/cache.py b/django/views/decorators/cache.py
index aa1679baff1c..6bb09c885f91 100644
--- a/django/views/decorators/cache.py
+++ b/django/views/decorators/cache.py
@@ -30,7 +30,7 @@ def cache_page(timeout, *, cache=None, key_prefix=None):
 
 def _check_request(request, decorator_name):
     # Ensure argument looks like a request.
-    if not hasattr(request, "META"):
+    if not hasattr(request, "meta"):
         raise TypeError(
             f"{decorator_name} didn't receive an HttpRequest. If you are "
             "decorating a classmethod, be sure to use @method_decorator."
diff --git a/django/views/generic/base.py b/django/views/generic/base.py
index 8f8f9397e8c0..5f734680128d 100644
--- a/django/views/generic/base.py
+++ b/django/views/generic/base.py
@@ -248,7 +248,7 @@ def get_redirect_url(self, *args, **kwargs):
         else:
             return None
 
-        args = self.request.META.get("QUERY_STRING", "")
+        args = self.request.meta.get("QUERY_STRING", "")
         if args and self.query_string:
             url = "%s?%s" % (url, args)
         return url
diff --git a/django/views/i18n.py b/django/views/i18n.py
index 771035d8ab29..7c68ee9a7360 100644
--- a/django/views/i18n.py
+++ b/django/views/i18n.py
@@ -46,7 +46,7 @@ def set_language(request):
         allowed_hosts={request.get_host()},
         require_https=request.is_secure(),
     ):
-        next_url = request.META.get("HTTP_REFERER")
+        next_url = request.meta.get("HTTP_REFERER")
         if not url_has_allowed_host_and_scheme(
             url=next_url,
             allowed_hosts={request.get_host()},
diff --git a/django/views/static.py b/django/views/static.py
index df46c53093e0..ed7e24d34439 100644
--- a/django/views/static.py
+++ b/django/views/static.py
@@ -51,7 +51,7 @@ def serve(request, path, document_root=None, show_indexes=False):
     # Respect the If-Modified-Since header.
     statobj = fullpath.stat()
     if not was_modified_since(
-        request.META.get("HTTP_IF_MODIFIED_SINCE"), statobj.st_mtime
+        request.meta.get("HTTP_IF_MODIFIED_SINCE"), statobj.st_mtime
     ):
         return HttpResponseNotModified()
     content_type, encoding = mimetypes.guess_type(str(fullpath))
diff --git a/docs/howto/auth-remote-user.txt b/docs/howto/auth-remote-user.txt
index 19b25432fe7c..95e822684004 100644
--- a/docs/howto/auth-remote-user.txt
+++ b/docs/howto/auth-remote-user.txt
@@ -17,8 +17,8 @@ Windows Authentication or Apache and `mod_authnz_ldap`_, `CAS`_, `Cosign`_,
 
 When the web server takes care of authentication it typically sets the
 ``REMOTE_USER`` environment variable for use in the underlying application.  In
-Django, ``REMOTE_USER`` is made available in the :attr:`request.META
-<django.http.HttpRequest.META>` attribute.  Django can be configured to make
+Django, ``REMOTE_USER`` is made available in the :attr:`request.meta
+<django.http.HttpRequest.meta>` attribute.  Django can be configured to make
 use of the ``REMOTE_USER`` value using the ``RemoteUserMiddleware``
 or ``PersistentRemoteUserMiddleware``, and
 :class:`~django.contrib.auth.backends.RemoteUserBackend` classes found in
@@ -48,7 +48,7 @@ with :class:`~django.contrib.auth.backends.RemoteUserBackend` in the
     ]
 
 With this setup, ``RemoteUserMiddleware`` will detect the username in
-``request.META['REMOTE_USER']`` and will authenticate and auto-login that user
+``request.meta['REMOTE_USER']`` and will authenticate and auto-login that user
 using the :class:`~django.contrib.auth.backends.RemoteUserBackend`.
 
 Be aware that this particular setup disables authentication with the default
@@ -77,7 +77,7 @@ regardless of ``AUTHENTICATION_BACKENDS``.
 
 If your authentication mechanism uses a custom HTTP header and not
 ``REMOTE_USER``, you can subclass ``RemoteUserMiddleware`` and set the
-``header`` attribute to the desired ``request.META`` key.  For example::
+``header`` attribute to the desired ``request.meta`` key.  For example::
 
     from django.contrib.auth.middleware import RemoteUserMiddleware
 
@@ -92,13 +92,13 @@ If your authentication mechanism uses a custom HTTP header and not
     strips that header based on the appropriate authentication checks, never
     permitting an end-user to submit a fake (or "spoofed") header value. Since
     the HTTP headers ``X-Auth-User`` and ``X-Auth_User`` (for example) both
-    normalize to the ``HTTP_X_AUTH_USER`` key in ``request.META``, you must
+    normalize to the ``HTTP_X_AUTH_USER`` key in ``request.meta``, you must
     also check that your web server doesn't allow a spoofed header using
     underscores in place of dashes.
 
     This warning doesn't apply to ``RemoteUserMiddleware`` in its default
     configuration with ``header = 'REMOTE_USER'``, since a key that doesn't
-    start with ``HTTP_`` in ``request.META`` can only be set by your WSGI
+    start with ``HTTP_`` in ``request.meta`` can only be set by your WSGI
     server, not directly from an HTTP request header.
 
 If you need more control, you can create your own authentication backend
diff --git a/docs/howto/error-reporting.txt b/docs/howto/error-reporting.txt
index 84fe3cb768d6..2d4068ab88ec 100644
--- a/docs/howto/error-reporting.txt
+++ b/docs/howto/error-reporting.txt
@@ -288,7 +288,7 @@ following attributes and methods:
     .. attribute:: hidden_settings
 
         A compiled regular expression object used to match settings and
-        ``request.META`` values considered as sensitive. By default equivalent
+        ``request.meta`` values considered as sensitive. By default equivalent
         to::
 
             import re
@@ -300,7 +300,7 @@ following attributes and methods:
         Returns ``True`` to activate the filtering in
         :meth:`get_post_parameters` and :meth:`get_traceback_frame_variables`.
         By default the filter is active if :setting:`DEBUG` is ``False``. Note
-        that sensitive ``request.META`` values are always filtered along with
+        that sensitive ``request.meta`` values are always filtered along with
         sensitive setting values, as described in the :setting:`DEBUG`
         documentation.
 
diff --git a/docs/ref/contrib/admin/index.txt b/docs/ref/contrib/admin/index.txt
index 23cfa833e06a..4e60121e659f 100644
--- a/docs/ref/contrib/admin/index.txt
+++ b/docs/ref/contrib/admin/index.txt
@@ -2872,7 +2872,7 @@ Templates can override or extend base admin templates as described in
     ``site_url`` is ``/``. Set it to ``None`` to remove the link.
 
     For sites running on a subpath, the :meth:`each_context` method checks if
-    the current request has ``request.META['SCRIPT_NAME']`` set and uses that
+    the current request has ``request.meta['SCRIPT_NAME']`` set and uses that
     value if ``site_url`` isn't set to something other than ``/``.
 
 .. attribute:: AdminSite.index_title
diff --git a/docs/ref/contrib/auth.txt b/docs/ref/contrib/auth.txt
index db1ff3bb5dae..0d37ffcc3c86 100644
--- a/docs/ref/contrib/auth.txt
+++ b/docs/ref/contrib/auth.txt
@@ -622,7 +622,7 @@ The following backends are available in :mod:`django.contrib.auth.backends`:
 
     Use this backend to take advantage of external-to-Django-handled
     authentication.  It authenticates using usernames passed in
-    :attr:`request.META['REMOTE_USER'] <django.http.HttpRequest.META>`.  See
+    :attr:`request.meta['REMOTE_USER'] <django.http.HttpRequest.meta>`.  See
     the :doc:`Authenticating against REMOTE_USER </howto/auth-remote-user>`
     documentation.
 
diff --git a/docs/ref/files/uploads.txt b/docs/ref/files/uploads.txt
index 39456c16f0c5..80babb13b99a 100644
--- a/docs/ref/files/uploads.txt
+++ b/docs/ref/files/uploads.txt
@@ -217,14 +217,14 @@ attributes:
     Callback signaling that the upload was interrupted, e.g. when the user
     closed their browser during file upload.
 
-.. method:: FileUploadHandler.handle_raw_input(input_data, META, content_length, boundary, encoding)
+.. method:: FileUploadHandler.handle_raw_input(input_data, meta, content_length, boundary, encoding)
 
     Allows the handler to completely override the parsing of the raw
     HTTP input.
 
     ``input_data`` is a file-like object that supports ``read()``-ing.
 
-    ``META`` is the same object as ``request.META``.
+    ``META`` is the same object as ``request.meta``.
 
     ``content_length`` is the length of the data in ``input_data``. Don't
     read more than ``content_length`` bytes from ``input_data``.
diff --git a/docs/ref/request-response.txt b/docs/ref/request-response.txt
index 0a73e644dadd..06bb7e6ea874 100644
--- a/docs/ref/request-response.txt
+++ b/docs/ref/request-response.txt
@@ -135,7 +135,11 @@ All attributes should be considered read-only, unless stated otherwise.
     ``<form>`` that posted to the request had ``enctype="multipart/form-data"``.
     Otherwise, ``FILES`` will be a blank dictionary-like object.
 
-.. attribute:: HttpRequest.META
+.. attribute:: HttpRequest.meta
+
+    .. versionadded:: 5.1
+
+        This is the new name for :attr:`HttpRequest.META`.
 
     A dictionary containing all available HTTP headers. Available headers
     depend on the client and server, but here are some examples:
@@ -284,6 +288,20 @@ middleware class is listed in :setting:`MIDDLEWARE`.
     The :meth:`auser` method does the same thing but can be used from async
     contexts.
 
+Alias attributes
+----------------
+
+These attributes are the old names for other attributes, and are preserved as
+aliases for backwards compatibility.
+
+.. attribute:: HttpRequest.GET
+
+    An alias of :attr:`HttpRequest.query_params`.
+
+.. attribute:: HttpRequest.META
+
+    An alias of :attr:`HttpRequest.meta`.
+
 Methods
 -------
 
@@ -332,10 +350,10 @@ Methods
                     recent proxy is used.
                     """
                     for field in self.FORWARDED_FOR_FIELDS:
-                        if field in request.META:
-                            if "," in request.META[field]:
-                                parts = request.META[field].split(",")
-                                request.META[field] = parts[-1].strip()
+                        if field in request.meta:
+                            if "," in request.meta[field]:
+                                parts = request.meta[field].split(",")
+                                request.meta[field] = parts[-1].strip()
                     return self.get_response(request)
 
         This middleware should be positioned before any other middleware that
@@ -347,7 +365,7 @@ Methods
 
     Returns the originating port of the request using information from the
     ``HTTP_X_FORWARDED_PORT`` (if :setting:`USE_X_FORWARDED_PORT` is enabled)
-    and ``SERVER_PORT`` ``META`` variables, in that order.
+    and ``SERVER_PORT`` :attr:`HttpRequest.meta` variables, in that order.
 
 .. method:: HttpRequest.get_full_path()
 
diff --git a/docs/ref/settings.txt b/docs/ref/settings.txt
index 089c8897e544..91677ddcfa51 100644
--- a/docs/ref/settings.txt
+++ b/docs/ref/settings.txt
@@ -96,7 +96,7 @@ is validated against ``['.localhost', '127.0.0.1', '[::1]']``.
 <topics-testing-advanced-multiple-hosts>`.
 
 This validation only applies via :meth:`~django.http.HttpRequest.get_host()`;
-if your code accesses the ``Host`` header directly from ``request.META`` you
+if your code accesses the ``Host`` header directly from ``request.meta`` you
 are bypassing this security protection.
 
 .. setting:: APPEND_SLASH
@@ -442,7 +442,7 @@ Default: ``'HTTP_X_CSRFTOKEN'``
 
 The name of the request header used for CSRF authentication.
 
-As with other HTTP headers in ``request.META``, the header name received from
+As with other HTTP headers in ``request.meta``, the header name received from
 the server is normalized by converting all characters to uppercase, replacing
 any hyphens with underscores, and adding an ``'HTTP_'`` prefix to the name.
 For example, if your client sends a ``'X-XSRF-TOKEN'`` header, the setting
@@ -2433,10 +2433,10 @@ in via HTTPS) when:
 You should *only* set this setting if you control your proxy or have some other
 guarantee that it sets/strips this header appropriately.
 
-Note that the header needs to be in the format as used by ``request.META`` --
+Note that the header needs to be in the format as used by ``request.meta`` --
 all caps and likely starting with ``HTTP_``. (Remember, Django automatically
 adds ``'HTTP_'`` to the start of x-header names before making the header
-available in ``request.META``.)
+available in ``request.meta``.)
 
 .. warning::
 
@@ -2942,7 +2942,7 @@ number, in which case you shouldn't use :setting:`USE_X_FORWARDED_PORT`.
 Default: ``False``
 
 A boolean that specifies whether to use the ``X-Forwarded-Port`` header in
-preference to the ``SERVER_PORT`` ``META`` variable. This should only be
+preference to the ``SERVER_PORT`` :attr:`request.meta <.HttpRequest.meta>` variable. This should only be
 enabled if a proxy which sets this header is in use.
 
 :setting:`USE_X_FORWARDED_HOST` takes priority over this setting.
diff --git a/docs/ref/templates/api.txt b/docs/ref/templates/api.txt
index 26e4ff4c2359..8a8ede5c0aca 100644
--- a/docs/ref/templates/api.txt
+++ b/docs/ref/templates/api.txt
@@ -681,7 +681,7 @@ example, the :class:`RequestContext` instance gets an ``ip_address`` variable::
 
 
     def ip_address_processor(request):
-        return {"ip_address": request.META["REMOTE_ADDR"]}
+        return {"ip_address": request.meta["REMOTE_ADDR"]}
 
 
     def client_ip_view(request):
@@ -729,7 +729,7 @@ variables:
 
 If this processor is enabled, every ``RequestContext`` will contain these two
 variables -- but only if your :setting:`DEBUG` setting is set to ``True`` and
-the request's IP address (``request.META['REMOTE_ADDR']``) is in the
+the request's IP address (``request.meta['REMOTE_ADDR']``) is in the
 :setting:`INTERNAL_IPS` setting:
 
 * ``debug`` -- ``True``. You can use this in templates to test whether
diff --git a/docs/ref/urlresolvers.txt b/docs/ref/urlresolvers.txt
index eb0b991f1bb2..79f4da2bcb77 100644
--- a/docs/ref/urlresolvers.txt
+++ b/docs/ref/urlresolvers.txt
@@ -209,7 +209,7 @@ view would raise a ``Http404`` error before redirecting to it::
 
 
     def myview(request):
-        next = request.META.get("HTTP_REFERER", None) or "/"
+        next = request.meta.get("HTTP_REFERER", None) or "/"
         response = HttpResponseRedirect(next)
 
         # modify the request and response as required, e.g. change locale
diff --git a/docs/releases/5.1.txt b/docs/releases/5.1.txt
index 1009ffe73969..b4c9433a27c5 100644
--- a/docs/releases/5.1.txt
+++ b/docs/releases/5.1.txt
@@ -187,7 +187,13 @@ Models
 Requests and Responses
 ~~~~~~~~~~~~~~~~~~~~~~
 
-* ...
+* Some request attributes have been renamed:
+
+  * :attr:`.HttpRequest.GET` is now :attr:`.HttpRequest.query_params`.
+  * :attr:`.HttpRequest.META` is now :attr:`.HttpRequest.meta`.
+
+  The old names remain as aliases for backwards compatibility and will not be
+  removed.
 
 Security
 ~~~~~~~~
diff --git a/docs/topics/auth/default.txt b/docs/topics/auth/default.txt
index a8d32b2fea49..52a83e6eafe2 100644
--- a/docs/topics/auth/default.txt
+++ b/docs/topics/auth/default.txt
@@ -1165,7 +1165,7 @@ implementation details see :ref:`using-the-views`.
 
     * ``site_name``: An alias for ``site.name``. If you don't have the site
       framework installed, this will be set to the value of
-      :attr:`request.META['SERVER_NAME'] <django.http.HttpRequest.META>`.
+      :attr:`request.meta['SERVER_NAME'] <django.http.HttpRequest.meta>`.
       For more on sites, see :doc:`/ref/contrib/sites`.
 
     If you'd prefer not to call the template :file:`registration/login.html`,
@@ -1280,7 +1280,7 @@ implementation details see :ref:`using-the-views`.
 
     * ``site_name``: An alias for ``site.name``. If you don't have the site
       framework installed, this will be set to the value of
-      :attr:`request.META['SERVER_NAME'] <django.http.HttpRequest.META>`.
+      :attr:`request.meta['SERVER_NAME'] <django.http.HttpRequest.meta>`.
       For more on sites, see :doc:`/ref/contrib/sites`.
 
 .. function:: logout_then_login(request, login_url=None)
@@ -1455,7 +1455,7 @@ implementation details see :ref:`using-the-views`.
 
     * ``site_name``: An alias for ``site.name``. If you don't have the site
       framework installed, this will be set to the value of
-      :attr:`request.META['SERVER_NAME'] <django.http.HttpRequest.META>`.
+      :attr:`request.meta['SERVER_NAME'] <django.http.HttpRequest.meta>`.
       For more on sites, see :doc:`/ref/contrib/sites`.
 
     * ``domain``: An alias for ``site.domain``. If you don't have the site
diff --git a/docs/topics/security.txt b/docs/topics/security.txt
index 0f6f05163afb..58eb75d6da3c 100644
--- a/docs/topics/security.txt
+++ b/docs/topics/security.txt
@@ -181,7 +181,7 @@ Because even seemingly-secure web server configurations are susceptible to fake
 :meth:`django.http.HttpRequest.get_host()` method.
 
 This validation only applies via :meth:`~django.http.HttpRequest.get_host()`;
-if your code accesses the ``Host`` header directly from ``request.META`` you
+if your code accesses the ``Host`` header directly from ``request.meta`` you
 are bypassing this security protection.
 
 For more details see the full :setting:`ALLOWED_HOSTS` documentation.
diff --git a/tests/asgi/urls.py b/tests/asgi/urls.py
index 931b7d520672..440873046e5e 100644
--- a/tests/asgi/urls.py
+++ b/tests/asgi/urls.py
@@ -20,8 +20,8 @@ def hello_with_delay(request):
 
 def hello_meta(request):
     return HttpResponse(
-        "From %s" % request.META.get("HTTP_REFERER") or "",
-        content_type=request.META.get("CONTENT_TYPE"),
+        "From %s" % request.meta.get("HTTP_REFERER") or "",
+        content_type=request.meta.get("CONTENT_TYPE"),
     )
 
 
diff --git a/tests/auth_tests/test_remote_user.py b/tests/auth_tests/test_remote_user.py
index ea4399a44aae..557bf0b652fc 100644
--- a/tests/auth_tests/test_remote_user.py
+++ b/tests/auth_tests/test_remote_user.py
@@ -67,7 +67,7 @@ def test_csrf_validation_passes_after_process_request_login(self):
 
         # This request will call django.contrib.auth.login() which will call
         # django.middleware.csrf.rotate_token() thus changing the value of
-        # request.META['CSRF_COOKIE'] from the user submitted value set by
+        # request.meta['CSRF_COOKIE'] from the user submitted value set by
         # CsrfViewMiddleware.process_request() to the new csrftoken value set
         # by rotate_token(). Csrf validation should still pass when the view is
         # later processed by CsrfViewMiddleware.process_view()
@@ -218,7 +218,7 @@ def configure_user(self, request, user, created=True):
         Sets user's email address using the email specified in an HTTP header.
         Sets user's last name for existing users.
         """
-        user.email = request.META.get(RemoteUserTest.email_header, "")
+        user.email = request.meta.get(RemoteUserTest.email_header, "")
         if not created:
             user.last_name = user.username
         user.save()
diff --git a/tests/auth_tests/test_views.py b/tests/auth_tests/test_views.py
index ba0a77a4dcc5..7e4a66104567 100644
--- a/tests/auth_tests/test_views.py
+++ b/tests/auth_tests/test_views.py
@@ -818,10 +818,10 @@ def get_response(request):
         # Use POST request to log in
         SessionMiddleware(get_response).process_request(req)
         CsrfViewMiddleware(get_response).process_view(req, LoginView.as_view(), (), {})
-        req.META[
+        req.meta[
             "SERVER_NAME"
         ] = "testserver"  # Required to have redirect work in login view
-        req.META["SERVER_PORT"] = 80
+        req.meta["SERVER_PORT"] = 80
         resp = CsrfViewMiddleware(LoginView.as_view())(req)
         csrf_cookie = resp.cookies.get(settings.CSRF_COOKIE_NAME, None)
         token2 = csrf_cookie.coded_value
@@ -998,8 +998,8 @@ def test_default_logout_then_login(self):
         csrf_token = get_token(req)
         req.COOKIES[settings.CSRF_COOKIE_NAME] = csrf_token
         req.POST = {"csrfmiddlewaretoken": csrf_token}
-        req.META["SERVER_NAME"] = "testserver"
-        req.META["SERVER_PORT"] = 80
+        req.meta["SERVER_NAME"] = "testserver"
+        req.meta["SERVER_PORT"] = 80
         req.session = self.client.session
         response = logout_then_login(req)
         self.confirm_logged_out()
@@ -1012,8 +1012,8 @@ def test_logout_then_login_with_custom_login(self):
         csrf_token = get_token(req)
         req.COOKIES[settings.CSRF_COOKIE_NAME] = csrf_token
         req.POST = {"csrfmiddlewaretoken": csrf_token}
-        req.META["SERVER_NAME"] = "testserver"
-        req.META["SERVER_PORT"] = 80
+        req.meta["SERVER_NAME"] = "testserver"
+        req.meta["SERVER_PORT"] = 80
         req.session = self.client.session
         response = logout_then_login(req, login_url="/custom/")
         self.confirm_logged_out()
@@ -1024,8 +1024,8 @@ def test_default_logout_then_login_get(self):
         self.login()
         req = HttpRequest()
         req.method = "GET"
-        req.META["SERVER_NAME"] = "testserver"
-        req.META["SERVER_PORT"] = 80
+        req.meta["SERVER_NAME"] = "testserver"
+        req.meta["SERVER_PORT"] = 80
         req.session = self.client.session
         response = logout_then_login(req)
         self.assertEqual(response.status_code, 405)
diff --git a/tests/cache/tests.py b/tests/cache/tests.py
index fcce9579d48c..c051ccaaeaab 100644
--- a/tests/cache/tests.py
+++ b/tests/cache/tests.py
@@ -2263,8 +2263,8 @@ def test_cache_key_i18n_translation(self):
 
     def check_accept_language_vary(self, accept_language, vary, reference_key):
         request = self.factory.get(self.path)
-        request.META["HTTP_ACCEPT_LANGUAGE"] = accept_language
-        request.META["HTTP_ACCEPT_ENCODING"] = "gzip;q=1.0, identity; q=0.5, *;q=0"
+        request.meta["HTTP_ACCEPT_LANGUAGE"] = accept_language
+        request.meta["HTTP_ACCEPT_ENCODING"] = "gzip;q=1.0, identity; q=0.5, *;q=0"
         response = HttpResponse()
         response.headers["Vary"] = vary
         key = learn_cache_key(request, response)
@@ -2277,7 +2277,7 @@ def test_cache_key_i18n_translation_accept_language(self):
         lang = translation.get_language()
         self.assertEqual(lang, "en")
         request = self.factory.get(self.path)
-        request.META["HTTP_ACCEPT_ENCODING"] = "gzip;q=1.0, identity; q=0.5, *;q=0"
+        request.meta["HTTP_ACCEPT_ENCODING"] = "gzip;q=1.0, identity; q=0.5, *;q=0"
         response = HttpResponse()
         response.headers["Vary"] = "accept-encoding"
         key = learn_cache_key(request, response)
diff --git a/tests/contenttypes_tests/test_views.py b/tests/contenttypes_tests/test_views.py
index 4d85d15065f8..209191663532 100644
--- a/tests/contenttypes_tests/test_views.py
+++ b/tests/contenttypes_tests/test_views.py
@@ -229,7 +229,7 @@ def test_shortcut_view_with_site_m2m(self, get_model):
 class ShortcutViewTests(TestCase):
     def setUp(self):
         self.request = HttpRequest()
-        self.request.META = {"SERVER_NAME": "Example.com", "SERVER_PORT": "80"}
+        self.request.meta = {"SERVER_NAME": "Example.com", "SERVER_PORT": "80"}
 
     @override_settings(ALLOWED_HOSTS=["example.com"])
     def test_not_dependent_on_sites_app(self):
diff --git a/tests/csrf_tests/test_context_processor.py b/tests/csrf_tests/test_context_processor.py
index 903237d68ff6..9c2be398b328 100644
--- a/tests/csrf_tests/test_context_processor.py
+++ b/tests/csrf_tests/test_context_processor.py
@@ -9,6 +9,6 @@ class TestContextProcessor(CsrfFunctionTestMixin, SimpleTestCase):
     def test_force_token_to_string(self):
         request = HttpRequest()
         test_secret = 32 * "a"
-        request.META["CSRF_COOKIE"] = test_secret
+        request.meta["CSRF_COOKIE"] = test_secret
         token = csrf(request).get("csrf_token")
         self.assertMaskedSecretCorrect(token, test_secret)
diff --git a/tests/csrf_tests/tests.py b/tests/csrf_tests/tests.py
index 9407221cd13b..51cd491d0a65 100644
--- a/tests/csrf_tests/tests.py
+++ b/tests/csrf_tests/tests.py
@@ -89,33 +89,33 @@ def test_mask_cipher_secret(self):
 
     def test_get_token_csrf_cookie_set(self):
         request = HttpRequest()
-        request.META["CSRF_COOKIE"] = TEST_SECRET
-        self.assertNotIn("CSRF_COOKIE_NEEDS_UPDATE", request.META)
+        request.meta["CSRF_COOKIE"] = TEST_SECRET
+        self.assertNotIn("CSRF_COOKIE_NEEDS_UPDATE", request.meta)
         token = get_token(request)
         self.assertMaskedSecretCorrect(token, TEST_SECRET)
         # The existing cookie is preserved.
-        self.assertEqual(request.META["CSRF_COOKIE"], TEST_SECRET)
-        self.assertIs(request.META["CSRF_COOKIE_NEEDS_UPDATE"], True)
+        self.assertEqual(request.meta["CSRF_COOKIE"], TEST_SECRET)
+        self.assertIs(request.meta["CSRF_COOKIE_NEEDS_UPDATE"], True)
 
     def test_get_token_csrf_cookie_not_set(self):
         request = HttpRequest()
-        self.assertNotIn("CSRF_COOKIE", request.META)
-        self.assertNotIn("CSRF_COOKIE_NEEDS_UPDATE", request.META)
+        self.assertNotIn("CSRF_COOKIE", request.meta)
+        self.assertNotIn("CSRF_COOKIE_NEEDS_UPDATE", request.meta)
         token = get_token(request)
-        cookie = request.META["CSRF_COOKIE"]
+        cookie = request.meta["CSRF_COOKIE"]
         self.assertMaskedSecretCorrect(token, cookie)
-        self.assertIs(request.META["CSRF_COOKIE_NEEDS_UPDATE"], True)
+        self.assertIs(request.meta["CSRF_COOKIE_NEEDS_UPDATE"], True)
 
     def test_rotate_token(self):
         request = HttpRequest()
-        request.META["CSRF_COOKIE"] = TEST_SECRET
-        self.assertNotIn("CSRF_COOKIE_NEEDS_UPDATE", request.META)
+        request.meta["CSRF_COOKIE"] = TEST_SECRET
+        self.assertNotIn("CSRF_COOKIE_NEEDS_UPDATE", request.meta)
         rotate_token(request)
         # The underlying secret was changed.
-        cookie = request.META["CSRF_COOKIE"]
+        cookie = request.meta["CSRF_COOKIE"]
         self.assertEqual(len(cookie), CSRF_SECRET_LENGTH)
         self.assertNotEqual(cookie, TEST_SECRET)
-        self.assertIs(request.META["CSRF_COOKIE_NEEDS_UPDATE"], True)
+        self.assertIs(request.meta["CSRF_COOKIE_NEEDS_UPDATE"], True)
 
     def test_check_token_format_valid(self):
         cases = [
@@ -259,9 +259,9 @@ def _get_csrf_cookie_request(
         """
         The method argument defaults to "GET". The cookie argument defaults to
         this class's default test cookie. The post_token and meta_token
-        arguments are included in the request's req.POST and req.META headers,
+        arguments are included in the request's req.POST and req.meta headers,
         respectively, when that argument is provided and non-None. The
-        token_header argument is the header key to use for req.META, defaults
+        token_header argument is the header key to use for req.meta, defaults
         to "HTTP_X_CSRFTOKEN".
         """
         if cookie is None:
@@ -276,7 +276,7 @@ def _get_csrf_cookie_request(
         if post_token is not None:
             req.POST["csrfmiddlewaretoken"] = post_token
         if meta_token is not None:
-            req.META[token_header] = meta_token
+            req.meta[token_header] = meta_token
         return req
 
     def _get_POST_csrf_cookie_request(
@@ -621,9 +621,9 @@ def test_https_bad_referer(self):
         """
         req = self._get_POST_request_with_token()
         req._is_secure_override = True
-        req.META["HTTP_HOST"] = "www.example.com"
-        req.META["HTTP_REFERER"] = "https://www.evil.org/somepage"
-        req.META["SERVER_PORT"] = "443"
+        req.meta["HTTP_HOST"] = "www.example.com"
+        req.meta["HTTP_REFERER"] = "https://www.evil.org/somepage"
+        req.meta["SERVER_PORT"] = "443"
         mw = CsrfViewMiddleware(post_form_view)
         response = mw.process_view(req, post_form_view, (), {})
         self.assertContains(
@@ -658,9 +658,9 @@ def test_https_malformed_host(self):
         """
         req = self._get_request(method="POST")
         req._is_secure_override = True
-        req.META["HTTP_HOST"] = "@malformed"
-        req.META["HTTP_REFERER"] = "https://www.evil.org/somepage"
-        req.META["SERVER_PORT"] = "443"
+        req.meta["HTTP_HOST"] = "@malformed"
+        req.meta["HTTP_REFERER"] = "https://www.evil.org/somepage"
+        req.meta["SERVER_PORT"] = "443"
         mw = CsrfViewMiddleware(token_view)
         expected = (
             "Referer checking failed - https://www.evil.org/somepage does not "
@@ -674,8 +674,8 @@ def test_https_malformed_host(self):
     def test_origin_malformed_host(self):
         req = self._get_request(method="POST")
         req._is_secure_override = True
-        req.META["HTTP_HOST"] = "@malformed"
-        req.META["HTTP_ORIGIN"] = "https://www.evil.org"
+        req.meta["HTTP_HOST"] = "@malformed"
+        req.meta["HTTP_ORIGIN"] = "https://www.evil.org"
         mw = CsrfViewMiddleware(token_view)
         self._check_referer_rejects(mw, req)
         response = mw.process_view(req, token_view, (), {})
@@ -689,7 +689,7 @@ def test_https_malformed_referer(self):
         malformed_referer_msg = "Referer checking failed - Referer is malformed."
         req = self._get_POST_request_with_token()
         req._is_secure_override = True
-        req.META["HTTP_REFERER"] = "http://http://www.example.com/"
+        req.meta["HTTP_REFERER"] = "http://http://www.example.com/"
         mw = CsrfViewMiddleware(post_form_view)
         self._check_referer_rejects(mw, req)
         response = mw.process_view(req, post_form_view, (), {})
@@ -699,12 +699,12 @@ def test_https_malformed_referer(self):
             status_code=403,
         )
         # Empty
-        req.META["HTTP_REFERER"] = ""
+        req.meta["HTTP_REFERER"] = ""
         self._check_referer_rejects(mw, req)
         response = mw.process_view(req, post_form_view, (), {})
         self.assertContains(response, malformed_referer_msg, status_code=403)
         # Non-ASCII
-        req.META["HTTP_REFERER"] = "ØBöIß"
+        req.meta["HTTP_REFERER"] = "ØBöIß"
         self._check_referer_rejects(mw, req)
         response = mw.process_view(req, post_form_view, (), {})
         self.assertContains(response, malformed_referer_msg, status_code=403)
@@ -713,7 +713,7 @@ def test_https_malformed_referer(self):
         # ParseResult(
         #   scheme='', netloc='example.com', path='/', params='', query='', fragment='',
         # )
-        req.META["HTTP_REFERER"] = "//example.com/"
+        req.meta["HTTP_REFERER"] = "//example.com/"
         self._check_referer_rejects(mw, req)
         response = mw.process_view(req, post_form_view, (), {})
         self.assertContains(response, malformed_referer_msg, status_code=403)
@@ -722,14 +722,14 @@ def test_https_malformed_referer(self):
         # ParseResult(
         #   scheme='https', netloc='', path='', params='', query='', fragment='',
         # )
-        req.META["HTTP_REFERER"] = "https://"
+        req.meta["HTTP_REFERER"] = "https://"
         self._check_referer_rejects(mw, req)
         response = mw.process_view(req, post_form_view, (), {})
         self.assertContains(response, malformed_referer_msg, status_code=403)
         # Invalid URL
         # >>> urlparse('https://[')
         # ValueError: Invalid IPv6 URL
-        req.META["HTTP_REFERER"] = "https://["
+        req.meta["HTTP_REFERER"] = "https://["
         self._check_referer_rejects(mw, req)
         response = mw.process_view(req, post_form_view, (), {})
         self.assertContains(response, malformed_referer_msg, status_code=403)
@@ -741,8 +741,8 @@ def test_https_good_referer(self):
         """
         req = self._get_POST_request_with_token()
         req._is_secure_override = True
-        req.META["HTTP_HOST"] = "www.example.com"
-        req.META["HTTP_REFERER"] = "https://www.example.com/somepage"
+        req.meta["HTTP_HOST"] = "www.example.com"
+        req.meta["HTTP_REFERER"] = "https://www.example.com/somepage"
         mw = CsrfViewMiddleware(post_form_view)
         mw.process_request(req)
         resp = mw.process_view(req, post_form_view, (), {})
@@ -757,8 +757,8 @@ def test_https_good_referer_2(self):
         # See ticket #15617
         req = self._get_POST_request_with_token()
         req._is_secure_override = True
-        req.META["HTTP_HOST"] = "www.example.com"
-        req.META["HTTP_REFERER"] = "https://www.example.com"
+        req.meta["HTTP_HOST"] = "www.example.com"
+        req.meta["HTTP_REFERER"] = "https://www.example.com"
         mw = CsrfViewMiddleware(post_form_view)
         mw.process_request(req)
         resp = mw.process_view(req, post_form_view, (), {})
@@ -767,7 +767,7 @@ def test_https_good_referer_2(self):
     def _test_https_good_referer_behind_proxy(self):
         req = self._get_POST_request_with_token()
         req._is_secure_override = True
-        req.META.update(
+        req.meta.update(
             {
                 "HTTP_HOST": "10.0.0.2",
                 "HTTP_REFERER": "https://www.example.com/somepage",
@@ -789,8 +789,8 @@ def test_https_good_referer_malformed_host(self):
         """
         req = self._get_POST_request_with_token()
         req._is_secure_override = True
-        req.META["HTTP_HOST"] = "@malformed"
-        req.META["HTTP_REFERER"] = "https://dashboard.example.com/somepage"
+        req.meta["HTTP_HOST"] = "@malformed"
+        req.meta["HTTP_REFERER"] = "https://dashboard.example.com/somepage"
         mw = CsrfViewMiddleware(post_form_view)
         mw.process_request(req)
         resp = mw.process_view(req, post_form_view, (), {})
@@ -807,8 +807,8 @@ def test_https_csrf_trusted_origin_allowed(self):
         """
         req = self._get_POST_request_with_token()
         req._is_secure_override = True
-        req.META["HTTP_HOST"] = "www.example.com"
-        req.META["HTTP_REFERER"] = "https://dashboard.example.com"
+        req.meta["HTTP_HOST"] = "www.example.com"
+        req.meta["HTTP_REFERER"] = "https://dashboard.example.com"
         mw = CsrfViewMiddleware(post_form_view)
         mw.process_request(req)
         resp = mw.process_view(req, post_form_view, (), {})
@@ -825,8 +825,8 @@ def test_https_csrf_wildcard_trusted_origin_allowed(self):
         """
         req = self._get_POST_request_with_token()
         req._is_secure_override = True
-        req.META["HTTP_HOST"] = "www.example.com"
-        req.META["HTTP_REFERER"] = "https://dashboard.example.com"
+        req.meta["HTTP_HOST"] = "www.example.com"
+        req.meta["HTTP_REFERER"] = "https://dashboard.example.com"
         mw = CsrfViewMiddleware(post_form_view)
         mw.process_request(req)
         response = mw.process_view(req, post_form_view, (), {})
@@ -835,8 +835,8 @@ def test_https_csrf_wildcard_trusted_origin_allowed(self):
     def _test_https_good_referer_matches_cookie_domain(self):
         req = self._get_POST_request_with_token()
         req._is_secure_override = True
-        req.META["HTTP_REFERER"] = "https://foo.example.com/"
-        req.META["SERVER_PORT"] = "443"
+        req.meta["HTTP_REFERER"] = "https://foo.example.com/"
+        req.meta["SERVER_PORT"] = "443"
         mw = CsrfViewMiddleware(post_form_view)
         mw.process_request(req)
         response = mw.process_view(req, post_form_view, (), {})
@@ -845,9 +845,9 @@ def _test_https_good_referer_matches_cookie_domain(self):
     def _test_https_good_referer_matches_cookie_domain_with_different_port(self):
         req = self._get_POST_request_with_token()
         req._is_secure_override = True
-        req.META["HTTP_HOST"] = "www.example.com"
-        req.META["HTTP_REFERER"] = "https://foo.example.com:4443/"
-        req.META["SERVER_PORT"] = "4443"
+        req.meta["HTTP_HOST"] = "www.example.com"
+        req.meta["HTTP_REFERER"] = "https://foo.example.com:4443/"
+        req.meta["SERVER_PORT"] = "4443"
         mw = CsrfViewMiddleware(post_form_view)
         mw.process_request(req)
         response = mw.process_view(req, post_form_view, (), {})
@@ -899,30 +899,30 @@ def test_reading_post_data_raises_os_error(self):
     def test_bad_origin_bad_domain(self):
         """A request with a bad origin is rejected."""
         req = self._get_POST_request_with_token()
-        req.META["HTTP_HOST"] = "www.example.com"
-        req.META["HTTP_ORIGIN"] = "https://www.evil.org"
+        req.meta["HTTP_HOST"] = "www.example.com"
+        req.meta["HTTP_ORIGIN"] = "https://www.evil.org"
         mw = CsrfViewMiddleware(post_form_view)
         self._check_referer_rejects(mw, req)
         self.assertIs(mw._origin_verified(req), False)
         with self.assertLogs("django.security.csrf", "WARNING") as cm:
             response = mw.process_view(req, post_form_view, (), {})
         self.assertEqual(response.status_code, 403)
-        msg = REASON_BAD_ORIGIN % req.META["HTTP_ORIGIN"]
+        msg = REASON_BAD_ORIGIN % req.meta["HTTP_ORIGIN"]
         self.assertEqual(cm.records[0].getMessage(), "Forbidden (%s): " % msg)
 
     @override_settings(ALLOWED_HOSTS=["www.example.com"])
     def test_bad_origin_null_origin(self):
         """A request with a null origin is rejected."""
         req = self._get_POST_request_with_token()
-        req.META["HTTP_HOST"] = "www.example.com"
-        req.META["HTTP_ORIGIN"] = "null"
+        req.meta["HTTP_HOST"] = "www.example.com"
+        req.meta["HTTP_ORIGIN"] = "null"
         mw = CsrfViewMiddleware(post_form_view)
         self._check_referer_rejects(mw, req)
         self.assertIs(mw._origin_verified(req), False)
         with self.assertLogs("django.security.csrf", "WARNING") as cm:
             response = mw.process_view(req, post_form_view, (), {})
         self.assertEqual(response.status_code, 403)
-        msg = REASON_BAD_ORIGIN % req.META["HTTP_ORIGIN"]
+        msg = REASON_BAD_ORIGIN % req.meta["HTTP_ORIGIN"]
         self.assertEqual(cm.records[0].getMessage(), "Forbidden (%s): " % msg)
 
     @override_settings(ALLOWED_HOSTS=["www.example.com"])
@@ -930,15 +930,15 @@ def test_bad_origin_bad_protocol(self):
         """A request with an origin with wrong protocol is rejected."""
         req = self._get_POST_request_with_token()
         req._is_secure_override = True
-        req.META["HTTP_HOST"] = "www.example.com"
-        req.META["HTTP_ORIGIN"] = "http://example.com"
+        req.meta["HTTP_HOST"] = "www.example.com"
+        req.meta["HTTP_ORIGIN"] = "http://example.com"
         mw = CsrfViewMiddleware(post_form_view)
         self._check_referer_rejects(mw, req)
         self.assertIs(mw._origin_verified(req), False)
         with self.assertLogs("django.security.csrf", "WARNING") as cm:
             response = mw.process_view(req, post_form_view, (), {})
         self.assertEqual(response.status_code, 403)
-        msg = REASON_BAD_ORIGIN % req.META["HTTP_ORIGIN"]
+        msg = REASON_BAD_ORIGIN % req.meta["HTTP_ORIGIN"]
         self.assertEqual(cm.records[0].getMessage(), "Forbidden (%s): " % msg)
 
     @override_settings(
@@ -957,15 +957,15 @@ def test_bad_origin_csrf_trusted_origin_bad_protocol(self):
         """
         req = self._get_POST_request_with_token()
         req._is_secure_override = True
-        req.META["HTTP_HOST"] = "www.example.com"
-        req.META["HTTP_ORIGIN"] = "http://foo.example.com"
+        req.meta["HTTP_HOST"] = "www.example.com"
+        req.meta["HTTP_ORIGIN"] = "http://foo.example.com"
         mw = CsrfViewMiddleware(post_form_view)
         self._check_referer_rejects(mw, req)
         self.assertIs(mw._origin_verified(req), False)
         with self.assertLogs("django.security.csrf", "WARNING") as cm:
             response = mw.process_view(req, post_form_view, (), {})
         self.assertEqual(response.status_code, 403)
-        msg = REASON_BAD_ORIGIN % req.META["HTTP_ORIGIN"]
+        msg = REASON_BAD_ORIGIN % req.meta["HTTP_ORIGIN"]
         self.assertEqual(cm.records[0].getMessage(), "Forbidden (%s): " % msg)
         self.assertEqual(mw.allowed_origins_exact, {"http://no-match.com"})
         self.assertEqual(
@@ -983,23 +983,23 @@ def test_bad_origin_cannot_be_parsed(self):
         rejected.
         """
         req = self._get_POST_request_with_token()
-        req.META["HTTP_HOST"] = "www.example.com"
-        req.META["HTTP_ORIGIN"] = "https://["
+        req.meta["HTTP_HOST"] = "www.example.com"
+        req.meta["HTTP_ORIGIN"] = "https://["
         mw = CsrfViewMiddleware(post_form_view)
         self._check_referer_rejects(mw, req)
         self.assertIs(mw._origin_verified(req), False)
         with self.assertLogs("django.security.csrf", "WARNING") as cm:
             response = mw.process_view(req, post_form_view, (), {})
         self.assertEqual(response.status_code, 403)
-        msg = REASON_BAD_ORIGIN % req.META["HTTP_ORIGIN"]
+        msg = REASON_BAD_ORIGIN % req.meta["HTTP_ORIGIN"]
         self.assertEqual(cm.records[0].getMessage(), "Forbidden (%s): " % msg)
 
     @override_settings(ALLOWED_HOSTS=["www.example.com"])
     def test_good_origin_insecure(self):
         """A POST HTTP request with a good origin is accepted."""
         req = self._get_POST_request_with_token()
-        req.META["HTTP_HOST"] = "www.example.com"
-        req.META["HTTP_ORIGIN"] = "http://www.example.com"
+        req.meta["HTTP_HOST"] = "www.example.com"
+        req.meta["HTTP_ORIGIN"] = "http://www.example.com"
         mw = CsrfViewMiddleware(post_form_view)
         self.assertIs(mw._origin_verified(req), True)
         response = mw.process_view(req, post_form_view, (), {})
@@ -1010,8 +1010,8 @@ def test_good_origin_secure(self):
         """A POST HTTPS request with a good origin is accepted."""
         req = self._get_POST_request_with_token()
         req._is_secure_override = True
-        req.META["HTTP_HOST"] = "www.example.com"
-        req.META["HTTP_ORIGIN"] = "https://www.example.com"
+        req.meta["HTTP_HOST"] = "www.example.com"
+        req.meta["HTTP_ORIGIN"] = "https://www.example.com"
         mw = CsrfViewMiddleware(post_form_view)
         self.assertIs(mw._origin_verified(req), True)
         response = mw.process_view(req, post_form_view, (), {})
@@ -1028,8 +1028,8 @@ def test_good_origin_csrf_trusted_origin_allowed(self):
         """
         req = self._get_POST_request_with_token()
         req._is_secure_override = True
-        req.META["HTTP_HOST"] = "www.example.com"
-        req.META["HTTP_ORIGIN"] = "https://dashboard.example.com"
+        req.meta["HTTP_HOST"] = "www.example.com"
+        req.meta["HTTP_ORIGIN"] = "https://dashboard.example.com"
         mw = CsrfViewMiddleware(post_form_view)
         self.assertIs(mw._origin_verified(req), True)
         resp = mw.process_view(req, post_form_view, (), {})
@@ -1048,8 +1048,8 @@ def test_good_origin_wildcard_csrf_trusted_origin_allowed(self):
         """
         req = self._get_POST_request_with_token()
         req._is_secure_override = True
-        req.META["HTTP_HOST"] = "www.example.com"
-        req.META["HTTP_ORIGIN"] = "https://foo.example.com"
+        req.meta["HTTP_HOST"] = "www.example.com"
+        req.meta["HTTP_ORIGIN"] = "https://foo.example.com"
         mw = CsrfViewMiddleware(post_form_view)
         self.assertIs(mw._origin_verified(req), True)
         response = mw.process_view(req, post_form_view, (), {})
@@ -1331,8 +1331,8 @@ def test_https_reject_insecure_referer(self):
         """
         req = self._get_POST_request_with_token()
         req._is_secure_override = True
-        req.META["HTTP_REFERER"] = "http://example.com/"
-        req.META["SERVER_PORT"] = "443"
+        req.meta["HTTP_REFERER"] = "http://example.com/"
+        req.meta["SERVER_PORT"] = "443"
         mw = CsrfViewMiddleware(post_form_view)
         self._check_referer_rejects(mw, req)
         response = mw.process_view(req, post_form_view, (), {})
@@ -1468,8 +1468,8 @@ def test_https_reject_insecure_referer(self):
         """
         req = self._get_POST_request_with_token()
         req._is_secure_override = True
-        req.META["HTTP_REFERER"] = "http://example.com/"
-        req.META["SERVER_PORT"] = "443"
+        req.meta["HTTP_REFERER"] = "http://example.com/"
+        req.meta["SERVER_PORT"] = "443"
         mw = CsrfViewMiddleware(post_form_view)
         response = mw.process_view(req, post_form_view, (), {})
         self.assertContains(
diff --git a/tests/decorators/test_gzip.py b/tests/decorators/test_gzip.py
index 87eff0fe7772..35e3b95035c9 100644
--- a/tests/decorators/test_gzip.py
+++ b/tests/decorators/test_gzip.py
@@ -29,7 +29,7 @@ def sync_view(request):
             return HttpResponse(content=self.content)
 
         request = HttpRequest()
-        request.META["HTTP_ACCEPT_ENCODING"] = "gzip"
+        request.meta["HTTP_ACCEPT_ENCODING"] = "gzip"
         response = sync_view(request)
         self.assertEqual(response.status_code, 200)
         self.assertEqual(response.get("Content-Encoding"), "gzip")
@@ -40,7 +40,7 @@ async def async_view(request):
             return HttpResponse(content=self.content)
 
         request = HttpRequest()
-        request.META["HTTP_ACCEPT_ENCODING"] = "gzip"
+        request.meta["HTTP_ACCEPT_ENCODING"] = "gzip"
         response = await async_view(request)
         self.assertEqual(response.status_code, 200)
         self.assertEqual(response.get("Content-Encoding"), "gzip")
diff --git a/tests/middleware/tests.py b/tests/middleware/tests.py
index 4dc1c83c42a3..6b5d104827f6 100644
--- a/tests/middleware/tests.py
+++ b/tests/middleware/tests.py
@@ -355,14 +355,14 @@ def get_response(req):
     @override_settings(DISALLOWED_USER_AGENTS=[re.compile(r"foo")])
     def test_disallowed_user_agents(self):
         request = self.rf.get("/slash")
-        request.META["HTTP_USER_AGENT"] = "foo"
+        request.meta["HTTP_USER_AGENT"] = "foo"
         with self.assertRaisesMessage(PermissionDenied, "Forbidden user agent"):
             CommonMiddleware(get_response_empty).process_request(request)
 
     def test_non_ascii_query_string_does_not_crash(self):
         """Regression test for #15152"""
         request = self.rf.get("/slash")
-        request.META["QUERY_STRING"] = "drink=café"
+        request.meta["QUERY_STRING"] = "drink=café"
         r = CommonMiddleware(get_response_empty).process_request(request)
         self.assertIsNone(r)
         response = HttpResponseNotFound()
@@ -401,7 +401,7 @@ def get_response(self, req):
         return self.client.get(req.path)
 
     def test_404_error_reporting(self):
-        self.req.META["HTTP_REFERER"] = "/another/url/"
+        self.req.meta["HTTP_REFERER"] = "/another/url/"
         BrokenLinkEmailsMiddleware(self.get_response)(self.req)
         self.assertEqual(len(mail.outbox), 1)
         self.assertIn("Broken", mail.outbox[0].subject)
@@ -426,17 +426,17 @@ def is_ignorable_request(self, request, uri, domain, referer):
                 """Check user-agent in addition to normal checks."""
                 if super().is_ignorable_request(request, uri, domain, referer):
                     return True
-                user_agent = request.META["HTTP_USER_AGENT"]
+                user_agent = request.meta["HTTP_USER_AGENT"]
                 return any(
                     pattern.search(user_agent)
                     for pattern in self.ignored_user_agent_patterns
                 )
 
-        self.req.META["HTTP_REFERER"] = "/another/url/"
-        self.req.META["HTTP_USER_AGENT"] = "Spider machine 3.4"
+        self.req.meta["HTTP_REFERER"] = "/another/url/"
+        self.req.meta["HTTP_USER_AGENT"] = "Spider machine 3.4"
         SubclassedMiddleware(self.get_response)(self.req)
         self.assertEqual(len(mail.outbox), 0)
-        self.req.META["HTTP_USER_AGENT"] = "My user agent"
+        self.req.meta["HTTP_USER_AGENT"] = "My user agent"
         SubclassedMiddleware(self.get_response)(self.req)
         self.assertEqual(len(mail.outbox), 1)
 
@@ -445,25 +445,25 @@ def test_referer_equal_to_requested_url(self):
         Some bots set the referer to the current URL to avoid being blocked by
         an referer check (#25302).
         """
-        self.req.META["HTTP_REFERER"] = self.req.path
+        self.req.meta["HTTP_REFERER"] = self.req.path
         BrokenLinkEmailsMiddleware(self.get_response)(self.req)
         self.assertEqual(len(mail.outbox), 0)
 
         # URL with scheme and domain should also be ignored
-        self.req.META["HTTP_REFERER"] = "http://testserver%s" % self.req.path
+        self.req.meta["HTTP_REFERER"] = "http://testserver%s" % self.req.path
         BrokenLinkEmailsMiddleware(self.get_response)(self.req)
         self.assertEqual(len(mail.outbox), 0)
 
         # URL with a different scheme should be ignored as well because bots
         # tend to use http:// in referers even when browsing HTTPS websites.
-        self.req.META["HTTP_X_PROTO"] = "https"
-        self.req.META["SERVER_PORT"] = 443
+        self.req.meta["HTTP_X_PROTO"] = "https"
+        self.req.meta["SERVER_PORT"] = 443
         with self.settings(SECURE_PROXY_SSL_HEADER=("HTTP_X_PROTO", "https")):
             BrokenLinkEmailsMiddleware(self.get_response)(self.req)
         self.assertEqual(len(mail.outbox), 0)
 
     def test_referer_equal_to_requested_url_on_another_domain(self):
-        self.req.META["HTTP_REFERER"] = "http://anotherserver%s" % self.req.path
+        self.req.meta["HTTP_REFERER"] = "http://anotherserver%s" % self.req.path
         BrokenLinkEmailsMiddleware(self.get_response)(self.req)
         self.assertEqual(len(mail.outbox), 1)
 
@@ -472,7 +472,7 @@ def test_referer_equal_to_requested_url_without_trailing_slash_with_append_slash
         self,
     ):
         self.req.path = self.req.path_info = "/regular_url/that/does/not/exist/"
-        self.req.META["HTTP_REFERER"] = self.req.path_info[:-1]
+        self.req.meta["HTTP_REFERER"] = self.req.path_info[:-1]
         BrokenLinkEmailsMiddleware(self.get_response)(self.req)
         self.assertEqual(len(mail.outbox), 0)
 
@@ -481,7 +481,7 @@ def test_referer_equal_to_requested_url_without_trailing_slash_with_no_append_sl
         self,
     ):
         self.req.path = self.req.path_info = "/regular_url/that/does/not/exist/"
-        self.req.META["HTTP_REFERER"] = self.req.path_info[:-1]
+        self.req.meta["HTTP_REFERER"] = self.req.path_info[:-1]
         BrokenLinkEmailsMiddleware(self.get_response)(self.req)
         self.assertEqual(len(mail.outbox), 1)
 
@@ -542,7 +542,7 @@ def test_etag_extended_cache_control(self):
         )
 
     def test_if_none_match_and_no_etag(self):
-        self.req.META["HTTP_IF_NONE_MATCH"] = "spam"
+        self.req.meta["HTTP_IF_NONE_MATCH"] = "spam"
         resp = ConditionalGetMiddleware(self.get_response)(self.req)
         self.assertEqual(resp.status_code, 200)
 
@@ -552,13 +552,13 @@ def test_no_if_none_match_and_etag(self):
         self.assertEqual(resp.status_code, 200)
 
     def test_if_none_match_and_same_etag(self):
-        self.req.META["HTTP_IF_NONE_MATCH"] = '"spam"'
+        self.req.meta["HTTP_IF_NONE_MATCH"] = '"spam"'
         self.resp_headers["ETag"] = '"spam"'
         resp = ConditionalGetMiddleware(self.get_response)(self.req)
         self.assertEqual(resp.status_code, 304)
 
     def test_if_none_match_and_different_etag(self):
-        self.req.META["HTTP_IF_NONE_MATCH"] = "spam"
+        self.req.meta["HTTP_IF_NONE_MATCH"] = "spam"
         self.resp_headers["ETag"] = "eggs"
         resp = ConditionalGetMiddleware(self.get_response)(self.req)
         self.assertEqual(resp.status_code, 200)
@@ -571,7 +571,7 @@ def get_response(req):
             resp.status_code = 301
             return resp
 
-        self.req.META["HTTP_IF_NONE_MATCH"] = "spam"
+        self.req.meta["HTTP_IF_NONE_MATCH"] = "spam"
         resp = ConditionalGetMiddleware(get_response)(self.req)
         self.assertEqual(resp.status_code, 301)
 
@@ -582,14 +582,14 @@ def get_response(req):
             resp.status_code = 400
             return resp
 
-        self.req.META["HTTP_IF_NONE_MATCH"] = "spam"
+        self.req.meta["HTTP_IF_NONE_MATCH"] = "spam"
         resp = ConditionalGetMiddleware(get_response)(self.req)
         self.assertEqual(resp.status_code, 400)
 
     # Tests for the Last-Modified header
 
     def test_if_modified_since_and_no_last_modified(self):
-        self.req.META["HTTP_IF_MODIFIED_SINCE"] = "Sat, 12 Feb 2011 17:38:44 GMT"
+        self.req.meta["HTTP_IF_MODIFIED_SINCE"] = "Sat, 12 Feb 2011 17:38:44 GMT"
         resp = ConditionalGetMiddleware(self.get_response)(self.req)
         self.assertEqual(resp.status_code, 200)
 
@@ -599,19 +599,19 @@ def test_no_if_modified_since_and_last_modified(self):
         self.assertEqual(resp.status_code, 200)
 
     def test_if_modified_since_and_same_last_modified(self):
-        self.req.META["HTTP_IF_MODIFIED_SINCE"] = "Sat, 12 Feb 2011 17:38:44 GMT"
+        self.req.meta["HTTP_IF_MODIFIED_SINCE"] = "Sat, 12 Feb 2011 17:38:44 GMT"
         self.resp_headers["Last-Modified"] = "Sat, 12 Feb 2011 17:38:44 GMT"
         self.resp = ConditionalGetMiddleware(self.get_response)(self.req)
         self.assertEqual(self.resp.status_code, 304)
 
     def test_if_modified_since_and_last_modified_in_the_past(self):
-        self.req.META["HTTP_IF_MODIFIED_SINCE"] = "Sat, 12 Feb 2011 17:38:44 GMT"
+        self.req.meta["HTTP_IF_MODIFIED_SINCE"] = "Sat, 12 Feb 2011 17:38:44 GMT"
         self.resp_headers["Last-Modified"] = "Sat, 12 Feb 2011 17:35:44 GMT"
         resp = ConditionalGetMiddleware(self.get_response)(self.req)
         self.assertEqual(resp.status_code, 304)
 
     def test_if_modified_since_and_last_modified_in_the_future(self):
-        self.req.META["HTTP_IF_MODIFIED_SINCE"] = "Sat, 12 Feb 2011 17:38:44 GMT"
+        self.req.meta["HTTP_IF_MODIFIED_SINCE"] = "Sat, 12 Feb 2011 17:38:44 GMT"
         self.resp_headers["Last-Modified"] = "Sat, 12 Feb 2011 17:41:44 GMT"
         self.resp = ConditionalGetMiddleware(self.get_response)(self.req)
         self.assertEqual(self.resp.status_code, 200)
@@ -624,7 +624,7 @@ def get_response(req):
             resp.status_code = 301
             return resp
 
-        self.req.META["HTTP_IF_MODIFIED_SINCE"] = "Sat, 12 Feb 2011 17:38:44 GMT"
+        self.req.meta["HTTP_IF_MODIFIED_SINCE"] = "Sat, 12 Feb 2011 17:38:44 GMT"
         resp = ConditionalGetMiddleware(get_response)(self.req)
         self.assertEqual(resp.status_code, 301)
 
@@ -635,7 +635,7 @@ def get_response(req):
             resp.status_code = 400
             return resp
 
-        self.req.META["HTTP_IF_MODIFIED_SINCE"] = "Sat, 12 Feb 2011 17:38:44 GMT"
+        self.req.meta["HTTP_IF_MODIFIED_SINCE"] = "Sat, 12 Feb 2011 17:38:44 GMT"
         resp = ConditionalGetMiddleware(get_response)(self.req)
         self.assertEqual(resp.status_code, 400)
 
@@ -658,7 +658,7 @@ def get_response(req):
             resp.set_cookie("key", "value")
             return resp
 
-        self.req.META["HTTP_IF_NONE_MATCH"] = '"spam"'
+        self.req.meta["HTTP_IF_NONE_MATCH"] = '"spam"'
 
         new_response = ConditionalGetMiddleware(get_response)(self.req)
         self.assertEqual(new_response.status_code, 304)
@@ -853,8 +853,8 @@ class GZipMiddlewareTest(SimpleTestCase):
 
     def setUp(self):
         self.req = self.request_factory.get("/")
-        self.req.META["HTTP_ACCEPT_ENCODING"] = "gzip, deflate"
-        self.req.META[
+        self.req.meta["HTTP_ACCEPT_ENCODING"] = "gzip, deflate"
+        self.req.meta[
             "HTTP_USER_AGENT"
         ] = "Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"
         self.resp = HttpResponse()
diff --git a/tests/requests_tests/test_accept_header.py b/tests/requests_tests/test_accept_header.py
index c6eed0e4793e..2478da37b9fc 100644
--- a/tests/requests_tests/test_accept_header.py
+++ b/tests/requests_tests/test_accept_header.py
@@ -68,7 +68,7 @@ def test_no_headers(self):
 
     def test_accept_headers(self):
         request = HttpRequest()
-        request.META[
+        request.meta[
             "HTTP_ACCEPT"
         ] = "text/html, application/xhtml+xml,application/xml ;q=0.9,*/*;q=0.8"
         self.assertEqual(
@@ -83,18 +83,18 @@ def test_accept_headers(self):
 
     def test_request_accepts_any(self):
         request = HttpRequest()
-        request.META["HTTP_ACCEPT"] = "*/*"
+        request.meta["HTTP_ACCEPT"] = "*/*"
         self.assertIs(request.accepts("application/json"), True)
 
     def test_request_accepts_none(self):
         request = HttpRequest()
-        request.META["HTTP_ACCEPT"] = ""
+        request.meta["HTTP_ACCEPT"] = ""
         self.assertIs(request.accepts("application/json"), False)
         self.assertEqual(request.accepted_types, [])
 
     def test_request_accepts_some(self):
         request = HttpRequest()
-        request.META[
+        request.meta[
             "HTTP_ACCEPT"
         ] = "text/html,application/xhtml+xml,application/xml;q=0.9"
         self.assertIs(request.accepts("text/html"), True)
diff --git a/tests/requests_tests/test_data_upload_settings.py b/tests/requests_tests/test_data_upload_settings.py
index e89af0a39b82..e117ae8bd3dd 100644
--- a/tests/requests_tests/test_data_upload_settings.py
+++ b/tests/requests_tests/test_data_upload_settings.py
@@ -10,7 +10,8 @@
 from django.test.client import FakePayload
 
 TOO_MANY_FIELDS_MSG = (
-    "The number of GET/POST parameters exceeded settings.DATA_UPLOAD_MAX_NUMBER_FIELDS."
+    "The number of query_params/POST parameters exceeded "
+    "settings.DATA_UPLOAD_MAX_NUMBER_FIELDS."
 )
 TOO_MANY_FILES_MSG = (
     "The number of files exceeded settings.DATA_UPLOAD_MAX_NUMBER_FILES."
diff --git a/tests/requests_tests/tests.py b/tests/requests_tests/tests.py
index eb158bc86205..5b7d7b4ca1cc 100644
--- a/tests/requests_tests/tests.py
+++ b/tests/requests_tests/tests.py
@@ -39,7 +39,7 @@ def test_httprequest(self):
         self.assertEqual(list(request.GET), [])
         self.assertEqual(list(request.POST), [])
         self.assertEqual(list(request.COOKIES), [])
-        self.assertEqual(list(request.META), [])
+        self.assertEqual(list(request.meta), [])
 
         # .GET and .POST should be QueryDicts
         self.assertEqual(request.GET.urlencode(), "")
@@ -51,11 +51,18 @@ def test_httprequest(self):
         self.assertIsNone(request.content_type)
         self.assertIsNone(request.content_params)
 
+    def test_httprequest_META_alias(self):
+        request = HttpRequest()
+        self.assertIs(request.META, request.meta)
+        new_dict = {}
+        request.META = new_dict
+        self.assertIs(request.meta, new_dict)
+
     def test_httprequest_full_path(self):
         request = HttpRequest()
         request.path = "/;some/?awful/=path/foo:bar/"
         request.path_info = "/prefix" + request.path
-        request.META["QUERY_STRING"] = ";some=query&+query=string"
+        request.meta["QUERY_STRING"] = ";some=query&+query=string"
         expected = "/%3Bsome/%3Fawful/%3Dpath/foo:bar/?;some=query&+query=string"
         self.assertEqual(request.get_full_path(), expected)
         self.assertEqual(request.get_full_path_info(), "/prefix" + expected)
@@ -64,7 +71,7 @@ def test_httprequest_full_path_with_query_string_and_fragment(self):
         request = HttpRequest()
         request.path = "/foo#bar"
         request.path_info = "/prefix" + request.path
-        request.META["QUERY_STRING"] = "baz#quux"
+        request.meta["QUERY_STRING"] = "baz#quux"
         self.assertEqual(request.get_full_path(), "/foo%23bar?baz#quux")
         self.assertEqual(request.get_full_path_info(), "/prefix/foo%23bar?baz#quux")
 
@@ -75,7 +82,7 @@ def test_httprequest_repr(self):
         request.GET = {"get-key": "get-value"}
         request.POST = {"post-key": "post-value"}
         request.COOKIES = {"post-key": "post-value"}
-        request.META = {"post-key": "post-value"}
+        request.meta = {"post-key": "post-value"}
         self.assertEqual(repr(request), "<HttpRequest: GET '/somepath/'>")
 
     def test_httprequest_repr_invalid_method_and_path(self):
@@ -101,7 +108,7 @@ def test_wsgirequest(self):
         self.assertEqual(list(request.POST), [])
         self.assertEqual(list(request.COOKIES), [])
         self.assertEqual(
-            set(request.META),
+            set(request.meta),
             {
                 "PATH_INFO",
                 "REQUEST_METHOD",
@@ -110,9 +117,9 @@ def test_wsgirequest(self):
                 "wsgi.input",
             },
         )
-        self.assertEqual(request.META["PATH_INFO"], "bogus")
-        self.assertEqual(request.META["REQUEST_METHOD"], "bogus")
-        self.assertEqual(request.META["SCRIPT_NAME"], "")
+        self.assertEqual(request.meta["PATH_INFO"], "bogus")
+        self.assertEqual(request.meta["REQUEST_METHOD"], "bogus")
+        self.assertEqual(request.meta["SCRIPT_NAME"], "")
         self.assertEqual(request.content_type, "text/html")
         self.assertEqual(request.content_params, {"charset": "utf8"})
 
@@ -146,7 +153,7 @@ def test_wsgirequest_script_url_double_slashes(self):
         """
         WSGI squashes multiple successive slashes in PATH_INFO, WSGIRequest
         should take that into account when populating request.path and
-        request.META['SCRIPT_NAME'] (#17133).
+        request.meta['SCRIPT_NAME'] (#17133).
         """
         request = WSGIRequest(
             {
@@ -157,7 +164,7 @@ def test_wsgirequest_script_url_double_slashes(self):
             }
         )
         self.assertEqual(request.path, "/mst/milestones/accounts/login/help")
-        self.assertEqual(request.META["SCRIPT_NAME"], "/mst")
+        self.assertEqual(request.meta["SCRIPT_NAME"], "/mst")
 
     def test_wsgirequest_with_force_script_name(self):
         """
@@ -214,7 +221,7 @@ def test_wsgirequest_repr(self):
         request.GET = {"get-key": "get-value"}
         request.POST = {"post-key": "post-value"}
         request.COOKIES = {"post-key": "post-value"}
-        request.META = {"post-key": "post-value"}
+        request.meta = {"post-key": "post-value"}
         self.assertEqual(repr(request), "<WSGIRequest: GET '/somepath/'>")
 
     def test_wsgirequest_path_info(self):
@@ -1045,9 +1052,9 @@ def test_set_encoding_clears_GET(self):
                 "QUERY_STRING": "name=Hello%20G%C3%BCnter",
             }
         )
-        self.assertEqual(request.GET, {"name": ["Hello Günter"]})
+        self.assertEqual(request.query_params, {"name": ["Hello Günter"]})
         request.encoding = "iso-8859-16"
-        self.assertEqual(request.GET, {"name": ["Hello G\u0102\u0152nter"]})
+        self.assertEqual(request.query_params, {"name": ["Hello G\u0102\u0152nter"]})
 
     def test_FILES_connection_error(self):
         """
@@ -1110,7 +1117,7 @@ class HostValidationTests(SimpleTestCase):
     def test_http_get_host(self):
         # Check if X_FORWARDED_HOST is provided.
         request = HttpRequest()
-        request.META = {
+        request.meta = {
             "HTTP_X_FORWARDED_HOST": "forward.com",
             "HTTP_HOST": "example.com",
             "SERVER_NAME": "internal.com",
@@ -1121,7 +1128,7 @@ def test_http_get_host(self):
 
         # Check if X_FORWARDED_HOST isn't provided.
         request = HttpRequest()
-        request.META = {
+        request.meta = {
             "HTTP_HOST": "example.com",
             "SERVER_NAME": "internal.com",
             "SERVER_PORT": 80,
@@ -1130,7 +1137,7 @@ def test_http_get_host(self):
 
         # Check if HTTP_HOST isn't provided.
         request = HttpRequest()
-        request.META = {
+        request.meta = {
             "SERVER_NAME": "internal.com",
             "SERVER_PORT": 80,
         }
@@ -1138,7 +1145,7 @@ def test_http_get_host(self):
 
         # Check if HTTP_HOST isn't provided, and we're on a nonstandard port
         request = HttpRequest()
-        request.META = {
+        request.meta = {
             "SERVER_NAME": "internal.com",
             "SERVER_PORT": 8042,
         }
@@ -1162,7 +1169,7 @@ def test_http_get_host(self):
 
         for host in legit_hosts:
             request = HttpRequest()
-            request.META = {
+            request.meta = {
                 "HTTP_HOST": host,
             }
             request.get_host()
@@ -1171,7 +1178,7 @@ def test_http_get_host(self):
         for host in chain(self.poisoned_hosts, ["other.com", "example.com.."]):
             with self.assertRaises(DisallowedHost):
                 request = HttpRequest()
-                request.META = {
+                request.meta = {
                     "HTTP_HOST": host,
                 }
                 request.get_host()
@@ -1180,7 +1187,7 @@ def test_http_get_host(self):
     def test_http_get_host_with_x_forwarded_host(self):
         # Check if X_FORWARDED_HOST is provided.
         request = HttpRequest()
-        request.META = {
+        request.meta = {
             "HTTP_X_FORWARDED_HOST": "forward.com",
             "HTTP_HOST": "example.com",
             "SERVER_NAME": "internal.com",
@@ -1191,7 +1198,7 @@ def test_http_get_host_with_x_forwarded_host(self):
 
         # Check if X_FORWARDED_HOST isn't provided.
         request = HttpRequest()
-        request.META = {
+        request.meta = {
             "HTTP_HOST": "example.com",
             "SERVER_NAME": "internal.com",
             "SERVER_PORT": 80,
@@ -1200,7 +1207,7 @@ def test_http_get_host_with_x_forwarded_host(self):
 
         # Check if HTTP_HOST isn't provided.
         request = HttpRequest()
-        request.META = {
+        request.meta = {
             "SERVER_NAME": "internal.com",
             "SERVER_PORT": 80,
         }
@@ -1208,7 +1215,7 @@ def test_http_get_host_with_x_forwarded_host(self):
 
         # Check if HTTP_HOST isn't provided, and we're on a nonstandard port
         request = HttpRequest()
-        request.META = {
+        request.meta = {
             "SERVER_NAME": "internal.com",
             "SERVER_PORT": 8042,
         }
@@ -1227,7 +1234,7 @@ def test_http_get_host_with_x_forwarded_host(self):
 
         for host in legit_hosts:
             request = HttpRequest()
-            request.META = {
+            request.meta = {
                 "HTTP_HOST": host,
             }
             request.get_host()
@@ -1235,7 +1242,7 @@ def test_http_get_host_with_x_forwarded_host(self):
         for host in self.poisoned_hosts:
             with self.assertRaises(DisallowedHost):
                 request = HttpRequest()
-                request.META = {
+                request.meta = {
                     "HTTP_HOST": host,
                 }
                 request.get_host()
@@ -1243,7 +1250,7 @@ def test_http_get_host_with_x_forwarded_host(self):
     @override_settings(USE_X_FORWARDED_PORT=False)
     def test_get_port(self):
         request = HttpRequest()
-        request.META = {
+        request.meta = {
             "SERVER_PORT": "8080",
             "HTTP_X_FORWARDED_PORT": "80",
         }
@@ -1251,7 +1258,7 @@ def test_get_port(self):
         self.assertEqual(request.get_port(), "8080")
 
         request = HttpRequest()
-        request.META = {
+        request.meta = {
             "SERVER_PORT": "8080",
         }
         self.assertEqual(request.get_port(), "8080")
@@ -1259,7 +1266,7 @@ def test_get_port(self):
     @override_settings(USE_X_FORWARDED_PORT=True)
     def test_get_port_with_x_forwarded_port(self):
         request = HttpRequest()
-        request.META = {
+        request.meta = {
             "SERVER_PORT": "8080",
             "HTTP_X_FORWARDED_PORT": "80",
         }
@@ -1267,7 +1274,7 @@ def test_get_port_with_x_forwarded_port(self):
         self.assertEqual(request.get_port(), "80")
 
         request = HttpRequest()
-        request.META = {
+        request.meta = {
             "SERVER_PORT": "8080",
         }
         self.assertEqual(request.get_port(), "8080")
@@ -1281,13 +1288,13 @@ def test_host_validation_in_debug_mode(self):
         valid_hosts = ["localhost", "subdomain.localhost", "127.0.0.1", "[::1]"]
         for host in valid_hosts:
             request = HttpRequest()
-            request.META = {"HTTP_HOST": host}
+            request.meta = {"HTTP_HOST": host}
             self.assertEqual(request.get_host(), host)
 
         # Other hostnames raise a DisallowedHost.
         with self.assertRaises(DisallowedHost):
             request = HttpRequest()
-            request.META = {"HTTP_HOST": "example.com"}
+            request.meta = {"HTTP_HOST": "example.com"}
             request.get_host()
 
     @override_settings(ALLOWED_HOSTS=[])
@@ -1310,7 +1317,7 @@ def test_get_host_suggestion_of_allowed_host(self):
             "xn--4ca9at.com",  # Punycode for öäü.com
         ]:
             request = HttpRequest()
-            request.META = {"HTTP_HOST": host}
+            request.meta = {"HTTP_HOST": host}
             with self.assertRaisesMessage(
                 DisallowedHost, msg_suggestion % (host, host)
             ):
@@ -1323,7 +1330,7 @@ def test_get_host_suggestion_of_allowed_host(self):
         ]:
             host = "%s:%s" % (domain, port)
             request = HttpRequest()
-            request.META = {"HTTP_HOST": host}
+            request.meta = {"HTTP_HOST": host}
             with self.assertRaisesMessage(
                 DisallowedHost, msg_suggestion % (host, domain)
             ):
@@ -1331,12 +1338,12 @@ def test_get_host_suggestion_of_allowed_host(self):
 
         for host in self.poisoned_hosts:
             request = HttpRequest()
-            request.META = {"HTTP_HOST": host}
+            request.meta = {"HTTP_HOST": host}
             with self.assertRaisesMessage(DisallowedHost, msg_invalid_host % host):
                 request.get_host()
 
         request = HttpRequest()
-        request.META = {"HTTP_HOST": "invalid_hostname.com"}
+        request.meta = {"HTTP_HOST": "invalid_hostname.com"}
         with self.assertRaisesMessage(
             DisallowedHost, msg_suggestion2 % "invalid_hostname.com"
         ):
@@ -1434,7 +1441,7 @@ class RequestHeadersTests(SimpleTestCase):
 
     def test_base_request_headers(self):
         request = HttpRequest()
-        request.META = self.ENVIRON
+        request.meta = self.ENVIRON
         self.assertEqual(
             dict(request.headers),
             {
diff --git a/tests/settings_tests/tests.py b/tests/settings_tests/tests.py
index b2044878c98f..f2fbeb7e2450 100644
--- a/tests/settings_tests/tests.py
+++ b/tests/settings_tests/tests.py
@@ -373,33 +373,33 @@ def test_set_without_xheader(self):
     @override_settings(SECURE_PROXY_SSL_HEADER=("HTTP_X_FORWARDED_PROTO", "https"))
     def test_set_with_xheader_wrong(self):
         req = HttpRequest()
-        req.META["HTTP_X_FORWARDED_PROTO"] = "wrongvalue"
+        req.meta["HTTP_X_FORWARDED_PROTO"] = "wrongvalue"
         self.assertIs(req.is_secure(), False)
 
     @override_settings(SECURE_PROXY_SSL_HEADER=("HTTP_X_FORWARDED_PROTO", "https"))
     def test_set_with_xheader_right(self):
         req = HttpRequest()
-        req.META["HTTP_X_FORWARDED_PROTO"] = "https"
+        req.meta["HTTP_X_FORWARDED_PROTO"] = "https"
         self.assertIs(req.is_secure(), True)
 
     @override_settings(SECURE_PROXY_SSL_HEADER=("HTTP_X_FORWARDED_PROTO", "https"))
     def test_set_with_xheader_leftmost_right(self):
         req = HttpRequest()
-        req.META["HTTP_X_FORWARDED_PROTO"] = "https, http"
+        req.meta["HTTP_X_FORWARDED_PROTO"] = "https, http"
         self.assertIs(req.is_secure(), True)
-        req.META["HTTP_X_FORWARDED_PROTO"] = "https  , http"
+        req.meta["HTTP_X_FORWARDED_PROTO"] = "https  , http"
         self.assertIs(req.is_secure(), True)
 
     @override_settings(SECURE_PROXY_SSL_HEADER=("HTTP_X_FORWARDED_PROTO", "https"))
     def test_set_with_xheader_leftmost_not_secure(self):
         req = HttpRequest()
-        req.META["HTTP_X_FORWARDED_PROTO"] = "http, https"
+        req.meta["HTTP_X_FORWARDED_PROTO"] = "http, https"
         self.assertIs(req.is_secure(), False)
 
     @override_settings(SECURE_PROXY_SSL_HEADER=("HTTP_X_FORWARDED_PROTO", "https"))
     def test_set_with_xheader_multiple_not_secure(self):
         req = HttpRequest()
-        req.META["HTTP_X_FORWARDED_PROTO"] = "http ,wrongvalue,http,http"
+        req.meta["HTTP_X_FORWARDED_PROTO"] = "http ,wrongvalue,http,http"
         self.assertIs(req.is_secure(), False)
 
     @override_settings(SECURE_PROXY_SSL_HEADER=("HTTP_X_FORWARDED_PROTO", "https"))
@@ -411,7 +411,7 @@ def _get_scheme(self):
 
         # Client connects via HTTP.
         req = ProxyRequest()
-        req.META["HTTP_X_FORWARDED_PROTO"] = "http"
+        req.meta["HTTP_X_FORWARDED_PROTO"] = "http"
         self.assertIs(req.is_secure(), False)
 
 
diff --git a/tests/sites_tests/tests.py b/tests/sites_tests/tests.py
index f0ac9dc2ece6..6f942e6f282f 100644
--- a/tests/sites_tests/tests.py
+++ b/tests/sites_tests/tests.py
@@ -62,7 +62,7 @@ def test_delete_all_sites_clears_cache(self):
     def test_get_current_site(self):
         # The correct Site object is returned
         request = HttpRequest()
-        request.META = {
+        request.meta = {
             "SERVER_NAME": "example.com",
             "SERVER_PORT": "80",
         }
@@ -85,7 +85,7 @@ def test_get_current_site(self):
     @override_settings(SITE_ID=None, ALLOWED_HOSTS=["example.com"])
     def test_get_current_site_no_site_id(self):
         request = HttpRequest()
-        request.META = {
+        request.meta = {
             "SERVER_NAME": "example.com",
             "SERVER_PORT": "80",
         }
@@ -99,7 +99,7 @@ def test_get_current_site_host_with_trailing_dot(self):
         The site is matched if the name in the request has a trailing dot.
         """
         request = HttpRequest()
-        request.META = {
+        request.meta = {
             "SERVER_NAME": "example.com.",
             "SERVER_PORT": "80",
         }
@@ -113,32 +113,32 @@ def test_get_current_site_no_site_id_and_handle_port_fallback(self):
         s2 = Site.objects.create(domain="example.com:80", name="example.com:80")
 
         # Host header without port
-        request.META = {"HTTP_HOST": "example.com"}
+        request.meta = {"HTTP_HOST": "example.com"}
         site = get_current_site(request)
         self.assertEqual(site, s1)
 
         # Host header with port - match, no fallback without port
-        request.META = {"HTTP_HOST": "example.com:80"}
+        request.meta = {"HTTP_HOST": "example.com:80"}
         site = get_current_site(request)
         self.assertEqual(site, s2)
 
         # Host header with port - no match, fallback without port
-        request.META = {"HTTP_HOST": "example.com:81"}
+        request.meta = {"HTTP_HOST": "example.com:81"}
         site = get_current_site(request)
         self.assertEqual(site, s1)
 
         # Host header with non-matching domain
-        request.META = {"HTTP_HOST": "example.net"}
+        request.meta = {"HTTP_HOST": "example.net"}
         with self.assertRaises(ObjectDoesNotExist):
             get_current_site(request)
 
         # Ensure domain for RequestSite always matches host header
         with self.modify_settings(INSTALLED_APPS={"remove": "django.contrib.sites"}):
-            request.META = {"HTTP_HOST": "example.com"}
+            request.meta = {"HTTP_HOST": "example.com"}
             site = get_current_site(request)
             self.assertEqual(site.name, "example.com")
 
-            request.META = {"HTTP_HOST": "example.com:80"}
+            request.meta = {"HTTP_HOST": "example.com:80"}
             site = get_current_site(request)
             self.assertEqual(site.name, "example.com:80")
 
@@ -158,7 +158,7 @@ def test_domain_name_with_whitespaces(self):
     @override_settings(ALLOWED_HOSTS=["example.com"])
     def test_clear_site_cache(self):
         request = HttpRequest()
-        request.META = {
+        request.meta = {
             "SERVER_NAME": "example.com",
             "SERVER_PORT": "80",
         }
@@ -180,7 +180,7 @@ def test_clear_site_cache(self):
     def test_clear_site_cache_domain(self):
         site = Site.objects.create(name="example2.com", domain="example2.com")
         request = HttpRequest()
-        request.META = {
+        request.meta = {
             "SERVER_NAME": "example2.com",
             "SERVER_PORT": "80",
         }
@@ -227,7 +227,7 @@ def test_valid_site_id(self):
 class RequestSiteTests(SimpleTestCase):
     def setUp(self):
         request = HttpRequest()
-        request.META = {"HTTP_HOST": "example.com"}
+        request.meta = {"HTTP_HOST": "example.com"}
         self.site = RequestSite(request)
 
     def test_init_attributes(self):
diff --git a/tests/test_client/tests.py b/tests/test_client/tests.py
index cfd040f7bce3..c9425f243a7a 100644
--- a/tests/test_client/tests.py
+++ b/tests/test_client/tests.py
@@ -1103,7 +1103,7 @@ def test_trace_request_from_factory(self):
         url_path = "/somewhere/"
         request = self.request_factory.trace(url_path)
         response = trace_view(request)
-        protocol = request.META["SERVER_PROTOCOL"]
+        protocol = request.meta["SERVER_PROTOCOL"]
         echoed_request_line = "TRACE {} {}".format(url_path, protocol)
         self.assertContains(response, echoed_request_line)
 
@@ -1115,9 +1115,9 @@ def test_request_factory_default_headers(self):
             }
         ).get("/somewhere/")
         self.assertEqual(request.headers["authorization"], "Bearer faketoken")
-        self.assertIn("HTTP_AUTHORIZATION", request.META)
+        self.assertIn("HTTP_AUTHORIZATION", request.meta)
         self.assertEqual(request.headers["x-another-header"], "some other value")
-        self.assertIn("HTTP_X_ANOTHER_HEADER", request.META)
+        self.assertIn("HTTP_X_ANOTHER_HEADER", request.meta)
 
         request = RequestFactory(
             headers={
@@ -1126,9 +1126,9 @@ def test_request_factory_default_headers(self):
             }
         ).get("/somewhere/")
         self.assertEqual(request.headers["authorization"], "Bearer faketoken")
-        self.assertIn("HTTP_AUTHORIZATION", request.META)
+        self.assertIn("HTTP_AUTHORIZATION", request.meta)
         self.assertEqual(request.headers["x-another-header"], "some other value")
-        self.assertIn("HTTP_X_ANOTHER_HEADER", request.META)
+        self.assertIn("HTTP_X_ANOTHER_HEADER", request.meta)
 
     def test_request_factory_sets_headers(self):
         for method_name, view in self.http_methods_and_views:
@@ -1141,9 +1141,9 @@ def test_request_factory_sets_headers(self):
                 },
             )
             self.assertEqual(request.headers["authorization"], "Bearer faketoken")
-            self.assertIn("HTTP_AUTHORIZATION", request.META)
+            self.assertIn("HTTP_AUTHORIZATION", request.meta)
             self.assertEqual(request.headers["x-another-header"], "some other value")
-            self.assertIn("HTTP_X_ANOTHER_HEADER", request.META)
+            self.assertIn("HTTP_X_ANOTHER_HEADER", request.meta)
 
             request = method(
                 "/somewhere/",
@@ -1153,9 +1153,9 @@ def test_request_factory_sets_headers(self):
                 },
             )
             self.assertEqual(request.headers["authorization"], "Bearer faketoken")
-            self.assertIn("HTTP_AUTHORIZATION", request.META)
+            self.assertIn("HTTP_AUTHORIZATION", request.meta)
             self.assertEqual(request.headers["x-another-header"], "some other value")
-            self.assertIn("HTTP_X_ANOTHER_HEADER", request.META)
+            self.assertIn("HTTP_X_ANOTHER_HEADER", request.meta)
 
     def test_request_factory_query_params(self):
         tests = (
@@ -1310,9 +1310,9 @@ def test_request_factory_sets_headers(self):
             X_ANOTHER_HEADER="some other value",
         )
         self.assertEqual(request.headers["authorization"], "Bearer faketoken")
-        self.assertIn("HTTP_AUTHORIZATION", request.META)
+        self.assertIn("HTTP_AUTHORIZATION", request.meta)
         self.assertEqual(request.headers["x-another-header"], "some other value")
-        self.assertIn("HTTP_X_ANOTHER_HEADER", request.META)
+        self.assertIn("HTTP_X_ANOTHER_HEADER", request.meta)
 
         request = self.request_factory.get(
             "/somewhere/",
@@ -1322,9 +1322,9 @@ def test_request_factory_sets_headers(self):
             },
         )
         self.assertEqual(request.headers["authorization"], "Bearer faketoken")
-        self.assertIn("HTTP_AUTHORIZATION", request.META)
+        self.assertIn("HTTP_AUTHORIZATION", request.meta)
         self.assertEqual(request.headers["x-another-header"], "some other value")
-        self.assertIn("HTTP_X_ANOTHER_HEADER", request.META)
+        self.assertIn("HTTP_X_ANOTHER_HEADER", request.meta)
 
     def test_request_factory_query_string(self):
         request = self.request_factory.get("/somewhere/", {"example": "data"})
diff --git a/tests/test_client/views.py b/tests/test_client/views.py
index 96e0142dd315..00b8ff7b1449 100644
--- a/tests/test_client/views.py
+++ b/tests/test_client/views.py
@@ -45,7 +45,7 @@ def trace_view(request):
     elif request.body:
         return HttpResponseBadRequest("TRACE requests MUST NOT include an entity")
     else:
-        protocol = request.META["SERVER_PROTOCOL"]
+        protocol = request.meta["SERVER_PROTOCOL"]
         t = Template(
             "{{ method }} {{ uri }} {{ version }}",
             name="TRACE Template",
@@ -65,7 +65,7 @@ def put_view(request):
         t = Template("Data received: {{ data }} is the body.", name="PUT Template")
         c = Context(
             {
-                "Content-Length": request.META["CONTENT_LENGTH"],
+                "Content-Length": request.meta["CONTENT_LENGTH"],
                 "data": request.body.decode(),
             }
         )
@@ -116,7 +116,7 @@ def json_view(request):
     A view that expects a request with the header 'application/json' and JSON
     data, which is deserialized and included in the context.
     """
-    if request.META.get("CONTENT_TYPE") != "application/json":
+    if request.meta.get("CONTENT_TYPE") != "application/json":
         return HttpResponse()
 
     t = Template("Viewing {} page. With data {{ data }}.".format(request.method))
@@ -191,7 +191,7 @@ def view_with_secure(request):
     "A view that indicates if the request was secure"
     response = HttpResponse()
     response.test_was_secure_request = request.is_secure()
-    response.test_server_port = request.META.get("SERVER_PORT", 80)
+    response.test_server_port = request.meta.get("SERVER_PORT", 80)
     return response
 
 
diff --git a/tests/test_client_regress/tests.py b/tests/test_client_regress/tests.py
index a3545ebfc7aa..187db35eb412 100644
--- a/tests/test_client_regress/tests.py
+++ b/tests/test_client_regress/tests.py
@@ -1405,16 +1405,16 @@ class RequestFactoryEnvironmentTests(SimpleTestCase):
     def test_should_set_correct_env_variables(self):
         request = RequestFactory().get("/path/")
 
-        self.assertEqual(request.META.get("REMOTE_ADDR"), "127.0.0.1")
-        self.assertEqual(request.META.get("SERVER_NAME"), "testserver")
-        self.assertEqual(request.META.get("SERVER_PORT"), "80")
-        self.assertEqual(request.META.get("SERVER_PROTOCOL"), "HTTP/1.1")
+        self.assertEqual(request.meta.get("REMOTE_ADDR"), "127.0.0.1")
+        self.assertEqual(request.meta.get("SERVER_NAME"), "testserver")
+        self.assertEqual(request.meta.get("SERVER_PORT"), "80")
+        self.assertEqual(request.meta.get("SERVER_PROTOCOL"), "HTTP/1.1")
         self.assertEqual(
-            request.META.get("SCRIPT_NAME") + request.META.get("PATH_INFO"), "/path/"
+            request.meta.get("SCRIPT_NAME") + request.meta.get("PATH_INFO"), "/path/"
         )
 
     def test_cookies(self):
         factory = RequestFactory()
         factory.cookies.load('A="B"; C="D"; Path=/; Version=1')
         request = factory.get("/")
-        self.assertEqual(request.META["HTTP_COOKIE"], 'A="B"; C="D"')
+        self.assertEqual(request.meta["HTTP_COOKIE"], 'A="B"; C="D"')
diff --git a/tests/test_client_regress/views.py b/tests/test_client_regress/views.py
index 91b8bdfefc4a..eaaa734bd5ac 100644
--- a/tests/test_client_regress/views.py
+++ b/tests/test_client_regress/views.py
@@ -126,7 +126,7 @@ def return_json_response_latin1(request):
 
 def return_text_file(request):
     "A view that parses and returns text as a file."
-    match = CONTENT_TYPE_RE.match(request.META["CONTENT_TYPE"])
+    match = CONTENT_TYPE_RE.match(request.meta["CONTENT_TYPE"])
     if match:
         charset = match[1]
     else:
@@ -140,7 +140,7 @@ def return_text_file(request):
 def check_headers(request):
     "A view that responds with value of the X-ARG-CHECK header"
     return HttpResponse(
-        "HTTP_X_ARG_CHECK: %s" % request.META.get("HTTP_X_ARG_CHECK", "Undefined")
+        "HTTP_X_ARG_CHECK: %s" % request.meta.get("HTTP_X_ARG_CHECK", "Undefined")
     )
 
 
@@ -171,12 +171,12 @@ def render_template_multiple_times(request):
 
 
 def redirect_based_on_extra_headers_1_view(request):
-    if "HTTP_REDIRECT" in request.META:
+    if "HTTP_REDIRECT" in request.meta:
         return HttpResponseRedirect("/redirect_based_on_extra_headers_2/")
     return HttpResponse()
 
 
 def redirect_based_on_extra_headers_2_view(request):
-    if "HTTP_REDIRECT" in request.META:
+    if "HTTP_REDIRECT" in request.meta:
         return HttpResponseRedirect("/redirects/further/more/")
     return HttpResponse()