WP_Customize_Manager::filter_iframe_security_headerspublicWP 4.7.0

Filters the X-Frame-Options and Content-Security-Policy headers to ensure frontend can load in customizer.

Method of the class: WP_Customize_Manager{}

No Hooks.

Returns

Array. Headers.

Usage

$WP_Customize_Manager = new WP_Customize_Manager();
$WP_Customize_Manager->filter_iframe_security_headers( $headers );
$headers(array) (required)
Headers.

Changelog

Since 4.7.0 Introduced.

WP_Customize_Manager::filter_iframe_security_headers() code WP 7.0

wp-includes/class-wp-customize-manager.php 
public function filter_iframe_security_headers( $headers ) {
	$headers['X-Frame-Options']         = 'SAMEORIGIN';
	$headers['Content-Security-Policy'] = "frame-ancestors 'self'";
	return $headers;
}