2 * WordPress inline HTML embed
6 * This file cannot have ampersands in it. This is to ensure
7 * it can be embedded in older versions of WordPress.
8 * See https://core.trac.wordpress.org/changeset/35708.
10 (function ( window, document ) {
13 var supportedBrowser = false,
16 if ( document.querySelector ) {
17 if ( window.addEventListener ) {
18 supportedBrowser = true;
22 window.wp = window.wp || {};
24 if ( !! window.wp.receiveEmbedMessage ) {
28 window.wp.receiveEmbedMessage = function( e ) {
30 if ( ! ( data.secret || data.message || data.value ) ) {
34 if ( /[^a-zA-Z0-9]/.test( data.secret ) ) {
38 var iframes = document.querySelectorAll( 'iframe[data-secret="' + data.secret + '"]' ),
39 blockquotes = document.querySelectorAll( 'blockquote[data-secret="' + data.secret + '"]' ),
40 i, source, height, sourceURL, targetURL;
42 for ( i = 0; i < blockquotes.length; i++ ) {
43 blockquotes[ i ].style.display = 'none';
46 for ( i = 0; i < iframes.length; i++ ) {
47 source = iframes[ i ];
49 if ( e.source !== source.contentWindow ) {
53 source.removeAttribute( 'style' );
55 /* Resize the iframe on request. */
56 if ( 'height' === data.message ) {
57 height = parseInt( data.value, 10 );
58 if ( height > 1000 ) {
60 } else if ( ~~height < 200 ) {
64 source.height = height;
67 /* Link to a specific URL on request. */
68 if ( 'link' === data.message ) {
69 sourceURL = document.createElement( 'a' );
70 targetURL = document.createElement( 'a' );
72 sourceURL.href = source.getAttribute( 'src' );
73 targetURL.href = data.value;
75 /* Only continue if link hostname matches iframe's hostname. */
76 if ( targetURL.host === sourceURL.host ) {
77 if ( document.activeElement === source ) {
78 window.top.location.href = data.value;
92 var isIE10 = -1 !== navigator.appVersion.indexOf( 'MSIE 10' ),
93 isIE11 = !!navigator.userAgent.match( /Trident.*rv:11\./ ),
94 iframes = document.querySelectorAll( 'iframe.wp-embedded-content' ),
95 iframeClone, i, source, secret;
97 for ( i = 0; i < iframes.length; i++ ) {
98 source = iframes[ i ];
100 if ( ! source.getAttribute( 'data-secret' ) ) {
101 /* Add secret to iframe */
102 secret = Math.random().toString( 36 ).substr( 2, 10 );
103 source.src += '#?secret=' + secret;
104 source.setAttribute( 'data-secret', secret );
107 /* Remove security attribute from iframes in IE10 and IE11. */
108 if ( ( isIE10 || isIE11 ) ) {
109 iframeClone = source.cloneNode( true );
110 iframeClone.removeAttribute( 'security' );
111 source.parentNode.replaceChild( iframeClone, source );
116 if ( supportedBrowser ) {
117 window.addEventListener( 'message', window.wp.receiveEmbedMessage, false );
118 document.addEventListener( 'DOMContentLoaded', onLoad, false );
119 window.addEventListener( 'load', onLoad, false );
121 })( window, document );