Source
File: wp-includes/embed.php
function get_post_embed_html( $width, $height, $post = null ) {
$post = get_post( $post );
if ( ! $post ) {
return false;
}
$embed_url = get_post_embed_url( $post );
$output = '<blockquote class="wp-embedded-content"><a href="' . esc_url( get_permalink( $post ) ) . '">' . get_the_title( $post ) . "</a></blockquote>\n";
$output .= "<script type='text/javascript'>\n";
$output .= "<!--//--><![CDATA[//><!--\n";
if ( SCRIPT_DEBUG ) {
$output .= file_get_contents( ABSPATH . WPINC . '/js/wp-embed.js' );
} else {
/*
* If you're looking at a src version of this file, you'll see an "include"
* statement below. This is used by the `npm run build` process to directly
* include a minified version of wp-embed.js, instead of using the
* file_get_contents() method from above.
*
* If you're looking at a build version of this file, you'll see a string of
* minified JavaScript. If you need to debug it, please turn on SCRIPT_DEBUG
* and edit wp-embed.js directly.
*/
$output .= <<<JS
/*! This file is auto-generated */
!function(d,l){"use strict";var e=!1,o=!1;if(l.querySelector)if(d.addEventListener)e=!0;if(d.wp=d.wp||{},!d.wp.receiveEmbedMessage)if(d.wp.receiveEmbedMessage=function(e){var t=e.data;if(t)if(t.secret||t.message||t.value)if(!/[^a-zA-Z0-9]/.test(t.secret)){var r,a,i,s,n,o=l.querySelectorAll('iframe[data-secret="'+t.secret+'"]'),c=l.querySelectorAll('blockquote[data-secret="'+t.secret+'"]');for(r=0;r<c.length;r++)c[r].style.display="none";for(r=0;r<o.length;r++)if(a=o[r],e.source===a.contentWindow){if(a.removeAttribute("style"),"height"===t.message){if(1e3<(i=parseInt(t.value,10)))i=1e3;else if(~~i<200)i=200;a.height=i}if("link"===t.message)if(s=l.createElement("a"),n=l.createElement("a"),s.href=a.getAttribute("src"),n.href=t.value,n.host===s.host)if(l.activeElement===a)d.top.location.href=t.value}}},e)d.addEventListener("message",d.wp.receiveEmbedMessage,!1),l.addEventListener("DOMContentLoaded",t,!1),d.addEventListener("load",t,!1);function t(){if(!o){o=!0;var e,t,r,a,i=-1!==navigator.appVersion.indexOf("MSIE 10"),s=!!navigator.userAgent.match(/Trident.*rv:11\./),n=l.querySelectorAll("iframe.wp-embedded-content");for(t=0;t<n.length;t++){if(!(r=n[t]).getAttribute("data-secret"))a=Math.random().toString(36).substr(2,10),r.src+="#?secret="+a,r.setAttribute("data-secret",a);if(i||s)(e=r.cloneNode(!0)).removeAttribute("security"),r.parentNode.replaceChild(e,r)}}}}(window,document);
JS;
}
$output .= "\n//--><!]]>";
$output .= "\n</script>";
$output .= sprintf(
'<iframe sandbox="allow-scripts" security="restricted" src="%1$s" width="%2$d" height="%3$d" title="%4$s" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" class="wp-embedded-content"></iframe>',
esc_url( $embed_url ),
absint( $width ),
absint( $height ),
esc_attr(
sprintf(
/* translators: 1: Post title, 2: Site title. */
__( '“%1$s” — %2$s' ),
get_the_title( $post ),
get_bloginfo( 'name' )
)
)
);
/**
* Filters the embed HTML output for a given post.
*
* @since 4.4.0
*
* @param string $output The default iframe tag to display embedded content.
* @param WP_Post $post Current post object.
* @param int $width Width of the response.
* @param int $height Height of the response.
*/
return apply_filters( 'embed_html', $output, $post, $width, $height );
}