[wp-trac] [WordPress Trac] #65030: Customize: `isLinkPreviewable()` regex overrides `customize_allowed_urls` filter for sites with `/wp-content/` in home URL
WordPress Trac
noreply at wordpress.org
Thu Apr 9 06:42:13 UTC 2026
#65030: Customize: `isLinkPreviewable()` regex overrides `customize_allowed_urls`
filter for sites with `/wp-content/` in home URL
-----------------------------------------+--------------------------
Reporter: abhi3315 | Owner: westonruter
Type: defect (bug) | Status: accepted
Priority: normal | Milestone: 7.1
Component: Customize | Version:
Severity: normal | Resolution:
Keywords: has-patch changes-requested | Focuses: javascript
-----------------------------------------+--------------------------
Changes (by westonruter):
* keywords: has-patch => has-patch changes-requested
* owner: (none) => westonruter
* version: 6.9.4 =>
* status: new => accepted
* milestone: Awaiting Review => 7.1
Comment:
I can see this would be a problem, although it seems very uncommon.
Really, the approach was wrong to begin with in how the `wp-admin`, `wp-
includes`, and `wp-content` paths are hard-coded. Really, these should be
exported from PHP to JS, using an approach similar to what can be seen in
the Speculative Loading functionality. See
`\WP_URL_Pattern_Prefixer::get_default_contexts()`. So we should be
obtaining the paths from `admin_url()`, `plugins_url()`, and
`content_url()`, for example. This would be a more robust way to prevent
navigations to URLs that aren't served by WP.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/65030#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list