WP_Customize_Manager::filter_iframe_security_headers( array $headers )

Filter the X-Frame-Options and Content-Security-Policy headers to ensure frontend can load in customizer.


Parameters Parameters

$headers

(array) (Required) Headers.


Top ↑

Return Return

(array) Headers.


Top ↑

Source Source

File: wp-includes/class-wp-customize-manager.php

	public function filter_iframe_security_headers( $headers ) {
		$headers['X-Frame-Options']         = 'SAMEORIGIN';
		$headers['Content-Security-Policy'] = "frame-ancestors 'self'";
		return $headers;
	}

Top ↑

Changelog Changelog

Changelog
Version Description
4.7.0 Introduced.

Top ↑

User Contributed Notes User Contributed Notes

You must log in before being able to contribute a note or feedback.