Filter the X-Frame-Options and Content-Security-Policy headers to ensure frontend can load in customizer.
| public filter_iframe_security_headers ( array $headers ) : array | ||
| $headers | array | Headers. |
| 리턴 | array | Headers. |
/**
* Test WP_Customize_Manager::filter_iframe_security_headers().
*
* @ticket 30937
* @covers WP_Customize_Manager::filter_iframe_security_headers()
*/
function test_filter_iframe_security_headers()
{
$customize_url = admin_url('customize.php');
$wp_customize = new WP_Customize_Manager();
$headers = $wp_customize->filter_iframe_security_headers(array());
$this->assertArrayHasKey('X-Frame-Options', $headers);
$this->assertArrayHasKey('Content-Security-Policy', $headers);
$this->assertEquals("ALLOW-FROM {$customize_url}", $headers['X-Frame-Options']);
}
