W3cubDocs

/WordPress

WP_Customize_Manager::filter_iframe_security_headers( array $headers )

Filter the X-Frame-Options and Content-Security-Policy headers to ensure frontend can load in customizer.

Parameters

$headers: (array) (Required) Headers.

Return

(array) Headers.

Source

File: wp-includes/class-wp-customize-manager.php

public function filter_iframe_security_headers( $headers ) {
		$headers['X-Frame-Options']         = 'SAMEORIGIN';
		$headers['Content-Security-Policy'] = "frame-ancestors 'self'";
		return $headers;
	}

Changelog

Version	Description
4.7.0	Introduced.

© 2003–2019 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/classes/wp_customize_manager/filter_iframe_security_headers