Changeset 6483 for sites/trunk/api.wordpress.org/public_html/themes/info/1.2/index.php

Timestamp:

01/31/2018 04:03:15 AM (8 years ago)

Author:

dd32

Message:

API: Theme Directory: Disallow POST requests to the info/1.2 api endpoint.

See #111

File:

• sites/trunk/api.wordpress.org/public_html/themes/info/1.2/index.php (modified) (1 diff)

sites/trunk/api.wordpress.org/public_html/themes/info/1.2/index.php

@@ -1 +1 @@
 <?php
 
-if ( ! defined( 'THEMES_API_SUPPORTS_ERRORS' ) ) {
-    define( 'THEMES_API_SUPPORTS_ERRORS', true );
+// Version 1.2+ only accepts GET requests
+if ( isset( $_SERVER['REQUEST_METHOD'] ) && $_SERVER['REQUEST_METHOD'] === 'POST' ) {
+    header( $_SERVER['SERVER_PROTOCOL'] . ' 405 Method not allowed' );
+    header( 'Allow: GET' );
+    header( 'Content-Type: text/plain' );
+
+    die( 'This API only serves GET requests.' );
 }