WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Customizer: [31885] actually hasn't fixed the `SecurityError`s. This one does. 

props mattwiebe.
fixes #31687.
Built from https://develop.svn.wordpress.org/trunk@31893


git-svn-id: http://core.svn.wordpress.org/trunk@31872 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Dominik Schilling 2015-03-25 23:36:27 +00:00
parent f333f9ef11
commit de7ecc80d3
5 changed files with 28 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
wp-admin/js/customize-controls.js
View File

@ -1929,25 +1929,6 @@
this.query = $.extend( params.query || {}, { customize_messenger_channel: this.channel() }); this.query = $.extend( params.query || {}, { customize_messenger_channel: this.channel() });
// This avoids SecurityErrors when setting a window object in x-origin iframe'd scenarios.
this.targetWindow.set = function( to ) {
var from = this._value;
to = this._setter.apply( this, arguments );
to = this.validate( to );
if ( null === to || from === to ) {
return this;
}
this._value = to;
this._dirty = true;
this.callbacks.fireWith( this, [ to, from ] );
return this;
};
this.run( deferred ); this.run( deferred );
}, },

4
wp-admin/js/customize-controls.min.js vendored
View File

File diff suppressed because one or more lines are too long

25
wp-includes/js/customize-base.js
View File

@ -538,11 +538,34 @@ window.wp = window.wp || {};
this.add( 'channel', params.channel ); this.add( 'channel', params.channel );
this.add( 'url', params.url || '' ); this.add( 'url', params.url || '' );
this.add( 'targetWindow', params.targetWindow || defaultTarget );
this.add( 'origin', this.url() ).link( this.url ).setter( function( to ) { this.add( 'origin', this.url() ).link( this.url ).setter( function( to ) {
return to.replace( /([^:]+:\/\/[^\/]+).*/, '$1' ); return to.replace( /([^:]+:\/\/[^\/]+).*/, '$1' );
}); });
// first add with no value
this.add( 'targetWindow', null );
// This avoids SecurityErrors when setting a window object in x-origin iframe'd scenarios.
this.targetWindow.set = function( to ) {
var from = this._value;
to = this._setter.apply( this, arguments );
to = this.validate( to );
if ( null === to || from === to ) {
return this;
}
this._value = to;
this._dirty = true;
this.callbacks.fireWith( this, [ to, from ] );
return this;
};
// now set it
this.targetWindow( params.targetWindow || defaultTarget );
// Since we want jQuery to treat the receive function as unique // Since we want jQuery to treat the receive function as unique
// to this instance, we give the function a new guid. // to this instance, we give the function a new guid.
// //

2
wp-includes/js/customize-base.min.js vendored
View File

File diff suppressed because one or more lines are too long

2
wp-includes/version.php
View File

@ -4,7 +4,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '4.2-beta2-31892'; $wp_version = '4.2-beta2-31893';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.