-
- /*
- * If the frontend and the admin are served from the same domain, load the
- * preview over ssl if the Customizer is being loaded over ssl. This avoids
- * insecure content warnings. This is not attempted if the admin and frontend
- * are on different domains to avoid the case where the frontend doesn't have
- * ssl certs. Domain mapping plugins can allow other urls in these conditions
- * using the customize_allowed_urls filter.
- */
-
- $allowed_urls = array( home_url('/') );
- $admin_origin = parse_url( admin_url() );
- $home_origin = parse_url( home_url() );
- $cross_domain = ( strtolower( $admin_origin[ 'host' ] ) != strtolower( $home_origin[ 'host' ] ) );
-
- if ( is_ssl() && ! $cross_domain )
- $allowed_urls[] = home_url( '/', 'https' );
-
- /**
- * Filter the list of URLs allowed to be clicked and followed in the Customizer preview.
- *
- * @since 3.4.0
- *
- * @param array $allowed_urls An array of allowed URLs.
- */
- $allowed_urls = array_unique( apply_filters( 'customize_allowed_urls', $allowed_urls ) );
-
- $fallback_url = add_query_arg( array(
- 'preview' => 1,
- 'template' => $wp_customize->get_template(),
- 'stylesheet' => $wp_customize->get_stylesheet(),
- 'preview_iframe' => true,
- 'TB_iframe' => 'true'
- ), home_url( '/' ) );
-
- $login_url = add_query_arg( array(
- 'interim-login' => 1,
- 'customize-login' => 1
- ), wp_login_url() );
-
- // Prepare Customizer settings to pass to JavaScript.
- $settings = array(
- 'theme' => array(
- 'stylesheet' => $wp_customize->get_stylesheet(),
- 'active' => $wp_customize->is_theme_active(),
- ),
- 'url' => array(
- 'preview' => esc_url_raw( $url ? $url : home_url( '/' ) ),
- 'parent' => esc_url_raw( admin_url() ),
- 'activated' => esc_url_raw( home_url( '/' ) ),
- 'ajax' => esc_url_raw( admin_url( 'admin-ajax.php', 'relative' ) ),
- 'allowed' => array_map( 'esc_url_raw', $allowed_urls ),
- 'isCrossDomain' => $cross_domain,
- 'fallback' => esc_url_raw( $fallback_url ),
- 'home' => esc_url_raw( home_url( '/' ) ),
- 'login' => esc_url_raw( $login_url ),
- ),
- 'browser' => array(
- 'mobile' => wp_is_mobile(),
- 'ios' => $is_ios,
- ),
- 'settings' => array(),
- 'controls' => array(),
- 'panels' => array(),
- 'sections' => array(),
- 'nonce' => array(
- 'save' => wp_create_nonce( 'save-customize_' . $wp_customize->get_stylesheet() ),
- 'preview' => wp_create_nonce( 'preview-customize_' . $wp_customize->get_stylesheet() )
- ),
- 'autofocus' => array(),
- 'documentTitleTmpl' => $document_title_tmpl,
- );
-
- // Prepare Customize Setting objects to pass to JavaScript.
- foreach ( $wp_customize->settings() as $id => $setting ) {
- $settings['settings'][ $id ] = array(
- 'value' => $setting->js_value(),
- 'transport' => $setting->transport,
- 'dirty' => $setting->dirty,
- );
- }
-
- // Prepare Customize Control objects to pass to JavaScript.
- foreach ( $wp_customize->controls() as $id => $control ) {
- $settings['controls'][ $id ] = $control->json();
- }
-
- // Prepare Customize Section objects to pass to JavaScript.
- foreach ( $wp_customize->sections() as $id => $section ) {
- $settings['sections'][ $id ] = $section->json();
- }
-
- // Prepare Customize Panel objects to pass to JavaScript.
- foreach ( $wp_customize->panels() as $id => $panel ) {
- $settings['panels'][ $id ] = $panel->json();
- foreach ( $panel->sections as $section_id => $section ) {
- $settings['sections'][ $section_id ] = $section->json();
- }
- }
-
- // Pass to frontend the Customizer construct being deeplinked
- if ( isset( $_GET['autofocus'] ) ) {
- $autofocus = wp_unslash( $_GET['autofocus'] );
- if ( is_array( $autofocus ) ) {
- foreach ( $autofocus as $type => $id ) {
- if ( isset( $settings[ $type . 's' ][ $id ] ) ) {
- $settings['autofocus'][ $type ] = $id;
- }
- }
- }
- }
-