WP_Customize_Manager::filter_iframe_security_headers( array $headers ): array

Filters the X-Frame-Options and Content-Security-Policy headers to ensure frontend can load in customizer.


Parameters

$headers array Required
Headers.

Top ↑

Return

array Headers.


Top ↑

Source

File: wp-includes/class-wp-customize-manager.php. View all references

public function filter_iframe_security_headers( $headers ) {
	$headers['X-Frame-Options']         = 'SAMEORIGIN';
	$headers['Content-Security-Policy'] = "frame-ancestors 'self'";
	return $headers;
}

Top ↑

Changelog

Changelog
Version Description
4.7.0 Introduced.

Top ↑

User Contributed Notes

You must log in before being able to contribute a note or feedback.