From 9af410f921f1458ba02f0ca767b0af30f0a8e9c0 Mon Sep 17 00:00:00 2001
From: Adam Kelly <adam@cthulahoops.org>
Date: Fri, 22 May 2020 14:20:27 +0100
Subject: [PATCH] Silently ignore unauthorised deletes.

Fixes: #166
---
 fedireads/incoming.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/fedireads/incoming.py b/fedireads/incoming.py
index ceefebc97..58da92923 100644
--- a/fedireads/incoming.py
+++ b/fedireads/incoming.py
@@ -45,6 +45,10 @@ def shared_inbox(request):
         return HttpResponseBadRequest()
 
     if not has_valid_signature(request, activity):
+        if activity['type'] == 'Delete':
+            # Pretend that unauth'd deletes succeed. Auth may be failing because
+            # the resource or owner of the resource might have been deleted.
+            return HttpResponse()
         return HttpResponse(status=401)
 
     handlers = {