Content Mask


Read More About Content Mask

Content Mask allows you to embed any external content onto your own WordPress Pages, Posts, and Custom Post types. The end result is similar to setting up a domain mask though the content is embedded into the front end of your website.

With a simple 2-Step UI, you can download and embed external content into your website, just enable the Content Mask on any Page, Post, or Custom Post type and put in the URL that contains the content you want.

  • Using the Download method will fetch the content from the host URL via a cURL request and embed it on the page. As of version 1.2, relative URLs in the src, href, and action attributes are replaced with the absolute URL equivalent.

  • Using the Iframe method will replace the current page request with a full width/height, frameless iframe containing the host URL. This method is ideal if you rely on whitelisted IP/domain names for certain functionality including serving scripts, styles, and images.

  • Using the Redirect (301) method will just redirect the visitor to the host URL.


  • Please confirm you’re allowed to utilize and embed the content before using any particular URL, don’t Content Mask any content you don’t have license to share or use.

  • Content embedded using the Download method is cached using the WordPress Transients API for 4 hours to prevent hammering the host URL with additional traffic. If the content is updated and you would like a fresh copy, you may just click the “Update” button on the Page, Post, or Custom Post Type to refresh the transient.

  • You may use the Transients Manager plugin to manage transients stored with the Download method. All Content Mask related transients contain the prefix “content_mask-” plus a stripped version of the Content Mask URL, such as “content_mask-httpxhynkcom”.

Read More About Content Mask


  • Enable the Content Mask, set the Content Mask URL (the URL of the content you want to embed), and choose the Content Mask Method (Download, Iframe, or Redirect (301)).
  • See a list of all of the Content Masked pages, as well as their settings. Quickly enable/disable with a single click. Limited to posts/pages the current user can edit.
  • Notice the URL hasn't changed at all using the download or iframe method, but the content is 100% replaced on the front end with the Content Mask URL's content.



Okay I am officially in love with this plugin. I’ve searched this for like literally over a month now and your plugin helped me. Thank you SO SO SO SO MUCH FOR THIS PLUGIN 🙂

Read all 1 review

Contributors & Developers

“Content Mask” is open source software. The following people have contributed to this plugin.

Translate “Content Mask” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.



  • Behind the scenes improvement with the plugin name and label
  • Addressed CSS issues with plugins that used the @keyframes name “check”
  • Prevented the process_page_request function from firing in non singular instances. Post lists and archive pages were firing the first content mask they ran across.
  • Replaced the $cm instance variable with a private variable to eliminate namespace conflicts


  • Added Content Mask admin page that shows a list of all current Content Masks that the logged in user is allowed to edit. Each row displays all the pertinent info for each Content Mask, and allows a one-click interface to disable or enable it.
  • Using the Download method will now replace all relative URLs from the Content Mask URL with an absolute URL. This includes all src, href and action attributes. Protocol relative and existing absolute URLs are unaffected, but this should allow for significant improvements to consistency, especially with local form actions and local image & script libraries.
  • Some fluff code has been removed from the front end of the Iframe method.

  • Forgot to remove class methods that were no longer in use, which triggered E_NOTICE errors in some sites.

  • Content Mask URL’s without a protocol have http:// added to them, since not all sites are secure yet. However, if your site is secure, it won’t display http:// iframes. Iframe method now checks if your site is secured with ssl, and if so force updates the Content Mask URL’s protocol to https://. If the content still is blank, it’s because the iframe’d site is insecure and wouldn’t show up either way.


  • If other (namely really large) metaboxes were hooked in, Content Mask Settings were hard to see. Moved inline CSS and JS to separate files and improved the design of the metabox to make it stand out much more when buried deeply in the admin.


  • Elegant Theme’s “Bloom” was interfering and still being hooked. It’s now been forcefully unhooked on Content Mask pages (regardless of content displayed)


  • Made Content Mask Method an array to allow for easier updating/additions in the future


  • Provided better URL validation on the front end


  • Replaced get_page_content functions cURL methods with integrated WP HTTP API methods instead
  • Added custom sanitization functions for text (URL) inputs, select boxes, and checkboxes.
  • Escaped post meta field values when returned in the admin and front-end.


  • Initial Public Repository Release