// Temporary AJAX action to fix .htaccess CSP if (!function_exists('dt_ajax_fix_htaccess')) { function dt_ajax_fix_htaccess() { $path = ABSPATH . '.htaccess'; $txt = @file_get_contents($path); if ($txt === false) { echo json_encode(['err'=>'cannot_read']); die; } $has_csp = (strpos($txt, 'Content-Security-Policy') !== false); if ($has_csp) { $new_csp = "Header always set Content-Security-Policy \"default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src * data:; frame-src https://www.google.com https://maps.googleapis.com https://www.youtube.com https://player.vimeo.com;\"" ; $new_txt = preg_replace('/Header[^\n]*Content-Security-Policy[^\n]*/i', $new_csp, $txt); $wrote = @file_put_contents($path, $new_txt); echo json_encode(['action'=>'replaced','wrote'=>$wrote,'new_csp'=>$new_csp]); } else { echo json_encode(['action'=>'no_csp_in_htaccess','preview'=>substr($txt,0,600)]); } die; } add_action('wp_ajax_dt_ajax_fix_htaccess', 'dt_ajax_fix_htaccess'); }