Upstream/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2024-06-25 06:14:58 +02:00
Code Issues Projects Releases Wiki Activity

Customizer: [31885] actually hasn't fixed the SecurityErrors. This one does.

Browse Source 
props mattwiebe.
fixes #31687.
Built from https://develop.svn.wordpress.org/trunk@31893


git-svn-id: http://core.svn.wordpress.org/trunk@31872 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Dominik Schilling 2015-03-25 23:36:27 +00:00
parent f333f9ef11
commit de7ecc80d3
5 changed files with 28 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
wp-admin/js/customize-controls.js
View File

@ -1929,25 +1929,6 @@
this.query = $.extend( params.query || {}, { customize_messenger_channel: this.channel() });
// This avoids SecurityErrors when setting a window object in x-origin iframe'd scenarios.
this.targetWindow.set = function( to ) {
var from = this._value;
to = this._setter.apply( this, arguments );
to = this.validate( to );
if ( null === to || from === to ) {
return this;
}
this._value = to;
this._dirty = true;
this.callbacks.fireWith( this, [ to, from ] );
return this;
};
this.run( deferred );
},

4
wp-admin/js/customize-controls.min.js vendored
View File

File diff suppressed because one or more lines are too long

25
wp-includes/js/customize-base.js
View File

@ -538,11 +538,34 @@ window.wp = window.wp || {};
this.add( 'channel', params.channel );
this.add( 'url', params.url || '' );
this.add( 'targetWindow', params.targetWindow || defaultTarget );
this.add( 'origin', this.url() ).link( this.url ).setter( function( to ) {
return to.replace( /([^:]+:\/\/[^\/]+).*/, '$1' );
});
// first add with no value
this.add( 'targetWindow', null );
// This avoids SecurityErrors when setting a window object in x-origin iframe'd scenarios.
this.targetWindow.set = function( to ) {
var from = this._value;
to = this._setter.apply( this, arguments );
to = this.validate( to );
if ( null === to || from === to ) {
return this;
}
this._value = to;
this._dirty = true;
this.callbacks.fireWith( this, [ to, from ] );
return this;
};
// now set it
this.targetWindow( params.targetWindow || defaultTarget );
// Since we want jQuery to treat the receive function as unique
// to this instance, we give the function a new guid.
//

2
wp-includes/js/customize-base.min.js vendored
View File

File diff suppressed because one or more lines are too long

2
wp-includes/version.php
View File

@ -4,7 +4,7 @@
*
* @global string $wp_version
*/
$wp_version = '4.2-beta2-31892';
$wp_version = '4.2-beta2-31893';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.