Index: wp-includes/js/customize-loader.dev.js
===================================================================
--- wp-includes/js/customize-loader.dev.js	(revision 20860)
+++ wp-includes/js/customize-loader.dev.js	(working copy)
@@ -8,7 +8,8 @@
 	Loader = $.extend( {}, api.Events, {
 		supports: {
 			history:  !! ( window.history && history.pushState ),
-			hashchange: ('onhashchange' in window) && (document.documentMode === undefined || document.documentMode > 7)
+			hashchange: ('onhashchange' in window) && (document.documentMode === undefined || document.documentMode > 7),
+			cors: (function(){ var xhr = new XMLHttpRequest(); return ( 'withCredentials' in xhr ); })()
 		},
 
 		initialize: function() {
@@ -128,6 +129,17 @@
 	});
 
 	$( function() {
+		var url, home;
+
+		if ( ! Loader.supports.cors ) {
+			url = wpCustomizeLoaderL10n.url.replace(/https?:\/\//, '');
+			home = wpCustomizeLoaderL10n.home.replace(/https?:\/\//, '');
+
+			if ( url.indexOf( home ) == -1 ) {
+				// no cors and x-domain, bail
+			}
+		}
+
 		if ( window.postMessage )
 			Loader.initialize();
 	});
Index: wp-includes/theme.php
===================================================================
--- wp-includes/theme.php	(revision 20860)
+++ wp-includes/theme.php	(working copy)
@@ -1589,7 +1589,7 @@
  * @since 3.4.0
  */
 function _wp_customize_loader_localize() {
-	$l10n = array( 'url'  => admin_url( 'admin.php' ) );
+	$l10n = array( 'url'  => admin_url( 'admin.php' ), 'home' => home_url() );
 
 	if ( is_admin() )
 		$l10n[ 'back' ] = sprintf( __( '← Return to %s' ), get_admin_page_title() );
@@ -1605,4 +1605,4 @@
  */
 function wp_customize_url( $stylesheet ) {
 	return esc_url( admin_url( 'customize.php' ) . '?theme=' . $stylesheet );
-}
\ No newline at end of file
+}