Changeset 20794 for trunk/wp-includes/class-wp-customize.php
- Timestamp:
- 05/15/2012 06:46:03 PM (13 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-includes/class-wp-customize.php
r20741 r20794 72 72 return; 73 73 74 $url = parse_url( admin_url() ); 75 $allowed_origins = array( 'http://' . $url[ 'host' ], 'https://' . $url[ 'host' ] ); 76 // @todo preserve port? 77 if ( isset( $_SERVER[ 'HTTP_ORIGIN' ] ) && in_array( $_SERVER[ 'HTTP_ORIGIN' ], $allowed_origins ) ) { 78 $origin = $_SERVER[ 'HTTP_ORIGIN' ]; 79 } else { 80 $origin = $url[ 'scheme' ] . '://' . $url[ 'host' ]; 81 } 82 83 @header( 'Access-Control-Allow-Origin: ' . $origin ); 84 @header( 'Access-Control-Allow-Credentials: true' ); 74 send_origin_headers(); 85 75 86 76 $this->start_previewing_theme();
Note: See TracChangeset
for help on using the changeset viewer.