From 0dbb9c424894ad279e4c7b775c5e4e757801e5f7 Mon Sep 17 00:00:00 2001
From: Weston Ruter <westonruter@git.wordpress.org>
Date: Wed, 16 Nov 2016 20:36:40 +0000
Subject: [PATCH] Customize: Prevent edit shortcut buttons from being inserted
 into container elements in the `head` or into elements which should not get
 interactive children.

See #27403, #38672.
Fixes #38830.


git-svn-id: https://develop.svn.wordpress.org/trunk@39270 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-includes/js/customize-selective-refresh.js | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/wp-includes/js/customize-selective-refresh.js b/src/wp-includes/js/customize-selective-refresh.js
index e97b1cf0a1..a106711749 100644
--- a/src/wp-includes/js/customize-selective-refresh.js
+++ b/src/wp-includes/js/customize-selective-refresh.js
@@ -109,12 +109,14 @@ wp.customize.selectiveRefresh = ( function( $, api ) {
 		 * @returns {void}
 		 */
 		createEditShortcutForPlacement: function( placement ) {
-			var partial = this, $shortcut, $placementContainer;
+			var partial = this, $shortcut, $placementContainer, illegalAncestorSelector, illegalContainerSelector;
 			if ( ! placement.container ) {
 				return;
 			}
 			$placementContainer = $( placement.container );
-			if ( ! $placementContainer.length ) {
+			illegalAncestorSelector = 'head';
+			illegalContainerSelector = 'area, audio, base, bdi, bdo, br, button, canvas, col, colgroup, command, datalist, embed, head, hr, html, iframe, img, input, keygen, label, link, map, math, menu, meta, noscript, object, optgroup, option, param, progress, rp, rt, ruby, script, select, source, style, svg, table, tbody, textarea, tfoot, thead, title, tr, track, video, wbr';
+			if ( ! $placementContainer.length || $placementContainer.is( illegalContainerSelector ) || $placementContainer.closest( illegalAncestorSelector ).length ) {
 				return;
 			}
 			$shortcut = partial.createEditShortcut();