create a .php file within the root WP folder: <?php define(‘WP_USE_THEMES’, false); require(‘wp-blog-header.php’); wp_nav_menu(array(‘theme_location’ => ‘my_menu’)); // change it with your menu location ?> and call it in your .html page (as a iframe). These only gets you the menu HTML, so you’ll also need to import the theme CSS styles. Not sure how iframe … Read more
The problem is that you are using the_excerpt(). This function prints out the excerpt immediately, it doesn’t return a string. From the core: /** * Display the post excerpt. * * @since 0.71 */ function the_excerpt() { /** * Filters the displayed post excerpt. * * @since 0.71 * * @see get_the_excerpt() * * @param … Read more
That would be more of a question for the makers of Wrike, not WordPress, since it depends on whether or not Wrike has APIs or some other way to access their data. A quick glance at their site reveals they do have an API – developers.wrike.com – you would create code that pulls the data … Read more
The apostrophs get translated in ' For the apostrophs, I guess it is an xss security feature. Check settings > reading > encoding (UTF8) But im not sure (maybe the theme sets another encoding fixed in the header instead of reading the global variable). In any case your embed show correct in my WP test … Read more
Does get_the_content_feed strip invalid tags?
WordPress plugin admin html being shown in Customizer iframe
iframe does not store session/cookie when refresh parent
Note that allowing iframes directly in a post content area can be dangerous, that’s why they’re stripped out for security reasons. Super admins on multisites or administrators on single sites have the unfiltered_html capability, and can insert anything they please into a post content area, but this is dangerous. For example, granting your author this … Read more
The recommended method for embedding iframes is using the <iframe> tag. It makes for better syntax and also allows you to control the iframe much better. For example, you are able to remove an iframe’s border, control scrolling options, etc. <iframe src=”https://jsfiddle.net/o7usdL0a/embed/result/” style=”width: 100%; height: 300px” scrolling=”no” marginwidth=”0″ marginheight=”0″ frameborder=”0″> </iframe> The <script async> and … Read more
X-Frame-Options: sameorigin By itself (and in older browsers) this would certainly deny access. However, in compliant browsers you would expect the Content-Security-Policy: header to override this. Assuming you have control over this external content, have you tried setting this header to: X-Frame-Options: allow-from https://example.com Or X-Frame-Options: sameorigin, allow-from https://example.com (Although Safari may not support the … Read more