WordPress.org

Make WordPress Core

Ticket #20681: 20681.2.diff

File 20681.2.diff, 1.4 KB (added by ryan, 6 years ago)

Attempt loading preview over ssl if admin is ssl

  • wp-includes/customize-controls.php

     
    9292
    9393        do_action( 'customize_controls_print_footer_scripts' );
    9494
     95        // If the frontend and the admin are served from the same domain, load the
     96        // preview over ssl if the customizer is being loaded over ssl. This avoids
     97        // insecure content warnings. This is not attempted if the admin and frontend
     98        // are on different domains to avoid the case where ther frontend doesn't have
     99        // ssl certs. Domain mapping plugins can force ssl in these conditions using
     100        // the customizer_preview_link filter.
     101        $admin_origin = parse_url( admin_url() );
     102        $home_origin = parse_url( home_url() );
     103        $scheme = null;
     104        if ( is_ssl() && ( $admin_origin[ 'host' ] == $admin_origin[ 'host' ] ) )
     105                $scheme = 'https';
     106
     107        $preview_url = apply_filters( 'customizer_preview_link',  home_url( '/', $scheme ) );
     108
    95109        $settings = array(
    96110                'theme'    => array(
    97111                        'stylesheet' => $this->get_stylesheet(),
    98112                        'active'     => $this->is_current_theme_active(),
    99113                ),
    100114                'url'      => array(
    101                         'preview'  => esc_url( home_url( '/' ) ),
     115                        'preview'  => esc_url( $preview_url ),
    102116                        'parent'   => esc_url( admin_url() ),
    103117                        'ajax'     => esc_url( admin_url( 'admin-ajax.php', 'relative' ) ),
    104118                ),