/**

[0] Fix | Delete

* WordPress inline HTML embed

[1] Fix | Delete

*

[2] Fix | Delete

* @since 4.4.0

[3] Fix | Delete

* @output wp-includes/js/wp-embed.js

[4] Fix | Delete

*

[5] Fix | Delete

* This file cannot have ampersands in it. This is to ensure

[6] Fix | Delete

* it can be embedded in older versions of WordPress.

[7] Fix | Delete

* See https://core.trac.wordpress.org/changeset/35708.

[8] Fix | Delete

*/

[9] Fix | Delete

(function ( window, document ) {

[10] Fix | Delete

'use strict';

[11] Fix | Delete

[12] Fix | Delete

var supportedBrowser = false,

[13] Fix | Delete

loaded = false;

[14] Fix | Delete

[15] Fix | Delete

if ( document.querySelector ) {

[16] Fix | Delete

if ( window.addEventListener ) {

[17] Fix | Delete

supportedBrowser = true;

[18] Fix | Delete

}

[19] Fix | Delete

}

[20] Fix | Delete

[21] Fix | Delete

/** @namespace wp */

[22] Fix | Delete

window.wp = window.wp || {};

[23] Fix | Delete

[24] Fix | Delete

if ( !! window.wp.receiveEmbedMessage ) {

[25] Fix | Delete

return;

[26] Fix | Delete

}

[27] Fix | Delete

[28] Fix | Delete

window.wp.receiveEmbedMessage = function( e ) {

[29] Fix | Delete

var data = e.data;

[30] Fix | Delete

[31] Fix | Delete

if ( ! data ) {

[32] Fix | Delete

return;

[33] Fix | Delete

}

[34] Fix | Delete

[35] Fix | Delete

if ( ! ( data.secret || data.message || data.value ) ) {

[36] Fix | Delete

return;

[37] Fix | Delete

}

[38] Fix | Delete

[39] Fix | Delete

if ( /[^a-zA-Z0-9]/.test( data.secret ) ) {

[40] Fix | Delete

return;

[41] Fix | Delete

}

[42] Fix | Delete

[43] Fix | Delete

var iframes = document.querySelectorAll( 'iframe[data-secret="' + data.secret + '"]' ),

[44] Fix | Delete

blockquotes = document.querySelectorAll( 'blockquote[data-secret="' + data.secret + '"]' ),

[45] Fix | Delete

allowedProtocols = new RegExp( '^https?:$', 'i' ),

[46] Fix | Delete

i, source, height, sourceURL, targetURL;

[47] Fix | Delete

[48] Fix | Delete

for ( i = 0; i < blockquotes.length; i++ ) {

[49] Fix | Delete

blockquotes[ i ].style.display = 'none';

[50] Fix | Delete

}

[51] Fix | Delete

[52] Fix | Delete

for ( i = 0; i < iframes.length; i++ ) {

[53] Fix | Delete

source = iframes[ i ];

[54] Fix | Delete

[55] Fix | Delete

if ( e.source !== source.contentWindow ) {

[56] Fix | Delete

continue;

[57] Fix | Delete

}

[58] Fix | Delete

[59] Fix | Delete

source.removeAttribute( 'style' );

[60] Fix | Delete

[61] Fix | Delete

/* Resize the iframe on request. */

[62] Fix | Delete

if ( 'height' === data.message ) {

[63] Fix | Delete

height = parseInt( data.value, 10 );

[64] Fix | Delete

if ( height > 1000 ) {

[65] Fix | Delete

height = 1000;

[66] Fix | Delete

} else if ( ~~height < 200 ) {

[67] Fix | Delete

height = 200;

[68] Fix | Delete

}

[69] Fix | Delete

[70] Fix | Delete

source.height = height;

[71] Fix | Delete

}

[72] Fix | Delete

[73] Fix | Delete

/* Link to a specific URL on request. */

[74] Fix | Delete

if ( 'link' === data.message ) {

[75] Fix | Delete

sourceURL = document.createElement( 'a' );

[76] Fix | Delete

targetURL = document.createElement( 'a' );

[77] Fix | Delete

[78] Fix | Delete

sourceURL.href = source.getAttribute( 'src' );

[79] Fix | Delete

targetURL.href = data.value;

[80] Fix | Delete

[81] Fix | Delete

/* Only follow link if the protocol is in the allow list. */

[82] Fix | Delete

if ( ! allowedProtocols.test( targetURL.protocol ) ) {

[83] Fix | Delete

continue;

[84] Fix | Delete

}

[85] Fix | Delete

[86] Fix | Delete

/* Only continue if link hostname matches iframe's hostname. */

[87] Fix | Delete

if ( targetURL.host === sourceURL.host ) {

[88] Fix | Delete

if ( document.activeElement === source ) {

[89] Fix | Delete

window.top.location.href = data.value;

[90] Fix | Delete

}

[91] Fix | Delete

}

[92] Fix | Delete

}

[93] Fix | Delete

}

[94] Fix | Delete

};

[95] Fix | Delete

[96] Fix | Delete

function onLoad() {

[97] Fix | Delete

if ( loaded ) {

[98] Fix | Delete

return;

[99] Fix | Delete

}

[100] Fix | Delete

[101] Fix | Delete

loaded = true;

[102] Fix | Delete

[103] Fix | Delete

var isIE10 = -1 !== navigator.appVersion.indexOf( 'MSIE 10' ),

[104] Fix | Delete

isIE11 = !!navigator.userAgent.match( /Trident.*rv:11\./ ),

[105] Fix | Delete

iframes = document.querySelectorAll( 'iframe.wp-embedded-content' ),

[106] Fix | Delete

iframeClone, i, source, secret;

[107] Fix | Delete

[108] Fix | Delete

for ( i = 0; i < iframes.length; i++ ) {

[109] Fix | Delete

source = iframes[ i ];

[110] Fix | Delete

[111] Fix | Delete

if ( ! source.getAttribute( 'data-secret' ) ) {

[112] Fix | Delete

/* Add secret to iframe */

[113] Fix | Delete

secret = Math.random().toString( 36 ).substr( 2, 10 );

[114] Fix | Delete

source.src += '#?secret=' + secret;

[115] Fix | Delete

source.setAttribute( 'data-secret', secret );

[116] Fix | Delete

}

[117] Fix | Delete

[118] Fix | Delete

/* Remove security attribute from iframes in IE10 and IE11. */

[119] Fix | Delete

if ( ( isIE10 || isIE11 ) ) {

[120] Fix | Delete

iframeClone = source.cloneNode( true );

[121] Fix | Delete

iframeClone.removeAttribute( 'security' );

[122] Fix | Delete

source.parentNode.replaceChild( iframeClone, source );

[123] Fix | Delete

}

[124] Fix | Delete

}

[125] Fix | Delete

}

[126] Fix | Delete

[127] Fix | Delete

if ( supportedBrowser ) {

[128] Fix | Delete

window.addEventListener( 'message', window.wp.receiveEmbedMessage, false );

[129] Fix | Delete

document.addEventListener( 'DOMContentLoaded', onLoad, false );

[130] Fix | Delete

window.addEventListener( 'load', onLoad, false );

[131] Fix | Delete

}

[132] Fix | Delete

})( window, document );

[133] Fix | Delete

[134] Fix | Delete