WP_Customize_Manager::filter_iframe_security_headers( array $headers )

Filters the X-Frame-Options and Content-Security-Policy headers to ensure frontend can load in customizer.

Parameters Parameters


(array) (Required) Headers.

Top ↑

Return Return

(array) Headers.

Top ↑

Source Source

File: wp-includes/class-wp-customize-manager.php

	public function filter_iframe_security_headers( $headers ) {
		$headers['X-Frame-Options']         = 'SAMEORIGIN';
		$headers['Content-Security-Policy'] = "frame-ancestors 'self'";
		return $headers;

Top ↑

Changelog Changelog

Version Description
4.7.0 Introduced.

Top ↑

User Contributed Notes User Contributed Notes

You must log in before being able to contribute a note or feedback.