From 869798d915038877ef9e7c08b5f91646b4809b81 Mon Sep 17 00:00:00 2001
From: Andrew Nacin <nacin@git.wordpress.org>
Date: Tue, 30 Dec 2014 20:40:50 +0000
Subject: [PATCH] XML-RPC: Send 405 Method Not Allowed for GET requests.

props maxcutler.
fixes #20986.


git-svn-id: https://develop.svn.wordpress.org/trunk@31004 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-includes/class-IXR.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/wp-includes/class-IXR.php b/src/wp-includes/class-IXR.php
index 91b65e96bf..5930f562e4 100644
--- a/src/wp-includes/class-IXR.php
+++ b/src/wp-includes/class-IXR.php
@@ -402,7 +402,11 @@ class IXR_Server
     {
         if (!$data) {
             if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] !== 'POST') {
-            	header('Content-Type: text/plain'); // merged from WP #9093
+                if ( function_exists( 'status_header' ) ) {
+                    status_header( 405 ); // WP #20986
+                    header( 'Allow: POST' );
+                }
+                header('Content-Type: text/plain'); // merged from WP #9093
                 die('XML-RPC server accepts POST requests only.');
             }