[wp-trac] [WordPress Trac] #40020: Customizer fails to load in Safari due to X-Origin Header mismatch
WordPress Trac
noreply at wordpress.org
Mon Jan 14 06:37:35 UTC 2019
#40020: Customizer fails to load in Safari due to X-Origin Header mismatch
---------------------------------------------------+---------------------
Reporter: nickkeenan | Owner: pento
Type: defect (bug) | Status: closed
Priority: normal | Milestone: 5.1
Component: Customize | Version: 4.7.2
Severity: normal | Resolution: fixed
Keywords: has-patch dev-feedback has-unit-tests | Focuses:
---------------------------------------------------+---------------------
Changes (by pento):
* owner: (none) => pento
* status: new => closed
* resolution: => fixed
Comment:
In [changeset:"44580" 44580]:
{{{
#!CommitTicketReference repository="" revision="44580"
Customizer: Improve browser compatibility of the preview iframe.
When `home` and `siteurl` are different, the customizer preview iframe
will be blank in Chrome and Safari, due to their `X-Frame-Options`
implementation quirks.
Changing this to `SAMEORIGIN` and adding the `frame-ancestors` Content
Security Policy gives the correct behaviour.
Props fullyint.
Fixes #40020.
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/40020#comment:15>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list