Theme Customizer: Add a signature to preview requests to be super-double-ultra-sure that the customizer generated the preview. Redirects can be sneaky. fixes #20507, see #19910.

git-svn-id: http://core.svn.wordpress.org/trunk@20925 1a063a9b-81f0-0310-95a4-ce76da25c4cd

wp-includes/class-wp-customize-manager.php

@@ -264,6 +264,7 @@ final class WP_Customize_Manager {
 		wp_enqueue_script( 'customize-preview' );
 		add_action( 'wp_head', array( $this, 'customize_preview_base' ) );
 		add_action( 'wp_footer', array( $this, 'customize_preview_settings' ), 20 );
+		add_action( 'shutdown', array( $this, 'customize_preview_signature' ), 1000 );
 
 		foreach ( $this->settings as $setting ) {
 			$setting->preview();
@@ -302,6 +303,15 @@ final class WP_Customize_Manager {
 		<?php
 	}
 
+	/**
+	 * Prints a signature so we can ensure the customizer was properly executed.
+	 *
+	 * @since 3.4.0
+	 */
+	public function customize_preview_signature() {
+		echo 'WP_CUSTOMIZER_SIGNATURE';
+	}
+
 	/**
 	 * Is it a theme preview?
 	 *

wp-includes/js/customize-controls.dev.js

@@ -405,7 +405,9 @@
 				data: this.query() || {},
 				success: function( response ) {
 					var iframe = self.loader()[0].contentWindow,
-						location = self.request.getResponseHeader('Location');
+						location = self.request.getResponseHeader('Location'),
+						signature = 'WP_CUSTOMIZER_SIGNATURE',
+						index;
 
 					// Check if the location response header differs from the current URL.
 					// If so, the request was redirected; try loading the requested page.
@@ -414,6 +416,14 @@
 						return;
 					}
 
+					// Check for a signature in the request.
+					index = response.lastIndexOf( signature );
+					if ( -1 === index || index < response.lastIndexOf('</html>') )
+						return;
+
+					// Strip the signature from the request.
+					response = response.slice( 0, index ) + response.slice( index + signature.length );
+
 					self.loader().one( 'load', self.loaded );
 
 					iframe.document.open();