WP_Customize_Manager::get_allowed_urls() WordPress Method
The WP_Customize_Manager::get_allowed_urls() method is used to get the list of allowed URLs for the Customizer. This is useful for restricting the Customizer to only load resources from a specific domain.
WP_Customize_Manager::get_allowed_urls() #
Gets URLs allowed to be previewed.
Description
If the front end and the admin are served from the same domain, load the preview over ssl if the Customizer is being loaded over ssl. This avoids insecure content warnings. This is not attempted if the admin and front end are on different domains to avoid the case where the front end doesn’t have ssl certs. Domain mapping plugins can allow other urls in these conditions using the customize_allowed_urls filter.
Return
(array) Allowed URLs.
Source
File: wp-includes/class-wp-customize-manager.php
public function get_allowed_urls() {
$allowed_urls = array( home_url( '/' ) );
if ( is_ssl() && ! $this->is_cross_domain() ) {
$allowed_urls[] = home_url( '/', 'https' );
}
/**
* Filters the list of URLs allowed to be clicked and followed in the Customizer preview.
*
* @since 3.4.0
*
* @param string[] $allowed_urls An array of allowed URLs.
*/
$allowed_urls = array_unique( apply_filters( 'customize_allowed_urls', $allowed_urls ) );
return $allowed_urls;
}
Expand full source codeCollapse full source codeView on TracView on GitHub
Changelog
| Version | Description |
|---|---|
| 4.7.0 | Introduced. |