diff --git a/src/controllers/activitypub/index.js b/src/controllers/activitypub/index.js
index a8b3f88762..cc23b1c8b0 100644
--- a/src/controllers/activitypub/index.js
+++ b/src/controllers/activitypub/index.js
@@ -101,7 +101,7 @@ Controller.getInbox = async (req, res) => {
 };
 
 Controller.postInbox = async (req, res) => {
-	// Note: internal-only, hence no exposure via src/api
+	// Note: underlying methods are internal use only, hence no exposure via src/api
 	switch (req.body.type) {
 		case 'Follow': {
 			await activitypub.inbox.follow(req.body.actor.name, req.body.object.name);
diff --git a/src/middleware/index.js b/src/middleware/index.js
index 27f07e895b..b4ac00f31e 100644
--- a/src/middleware/index.js
+++ b/src/middleware/index.js
@@ -310,8 +310,8 @@ middleware.handleMultipart = (req, res, next) => {
 middleware.proceedOnActivityPub = (req, res, next) => {
 	// For whatever reason, express accepts does not recognize "profile" as a valid differentiator
 	// Therefore, manual header parsing is used here.
-	const { accept } = req.headers;
-	if (!accept || !meta.config.activitypubEnabled) {
+	const { accept, 'content-type': contentType } = req.headers;
+	if (!meta.config.activitypubEnabled || !(accept && contentType)) {
 		return next('route');
 	}
 
@@ -319,10 +319,10 @@ middleware.proceedOnActivityPub = (req, res, next) => {
 		'application/activity+json',
 		'application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
 	];
-	const pass = accept.split(',').some((value) => {
+	const pass = (accept && accept.split(',').some((value) => {
 		const parts = value.split(';').map(v => v.trim());
 		return acceptable.includes(value || parts[0]);
-	});
+	})) || (contentType && acceptable.includes(contentType));
 
 	if (!pass) {
 		return next('route');