Make WordPress Core

Ticket #17667: 17667.diff

File 17667.diff, 466 bytes (added by BenChapman, 13 years ago)

Adds an if statement to the top of wp-comments-post.php which stops request and returns 404 if there is no referrer

  • wp-comments-post.php

     
    55 * @package WordPress
    66 */
    77
     8if (!isset($_SERVER['HTTP_REFERER']) || $_SERVER['HTTP_REFERER'] == '') {
     9        header('HTTP/1.1 404 Not Found');
     10        exit;
     11}
     12
    813if ( 'POST' != $_SERVER['REQUEST_METHOD'] ) {
    914        header('Allow: POST');
    1015        header('HTTP/1.1 405 Method Not Allowed');