diff --git a/composer.lock b/composer.lock
index 5b325113..b93ca72a 100644
--- a/composer.lock
+++ b/composer.lock
@@ -12,12 +12,12 @@
             "source": {
                 "type": "git",
                 "url": "https://github.com/daita/my-small-php-tools.git",
-                "reference": "ffc91a81c84ec679379b4b8a0a34434f3697c6e7"
+                "reference": "4f96fd4cf4d87cc79c79ea5af3d6a4f133a09e2e"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/daita/my-small-php-tools/zipball/ffc91a81c84ec679379b4b8a0a34434f3697c6e7",
-                "reference": "ffc91a81c84ec679379b4b8a0a34434f3697c6e7",
+                "url": "https://api.github.com/repos/daita/my-small-php-tools/zipball/4f96fd4cf4d87cc79c79ea5af3d6a4f133a09e2e",
+                "reference": "4f96fd4cf4d87cc79c79ea5af3d6a4f133a09e2e",
                 "shasum": ""
             },
             "require": {
@@ -40,7 +40,7 @@
                 }
             ],
             "description": "My small PHP Tools",
-            "time": "2019-09-15T08:55:12+00:00"
+            "time": "2019-09-16T10:53:15+00:00"
         },
         {
             "name": "friendica/json-ld",
diff --git a/lib/Controller/LocalController.php b/lib/Controller/LocalController.php
index e61dcd08..82c747f7 100644
--- a/lib/Controller/LocalController.php
+++ b/lib/Controller/LocalController.php
@@ -195,6 +195,7 @@ class LocalController extends Controller {
 	 * get info about a post (limited to viewer rights).
 	 *
 	 * @NoAdminRequired
+	 * @PublicPage
 	 * @NoCSRFRequired
 	 *
 	 * @param string $id
@@ -203,8 +204,7 @@ class LocalController extends Controller {
 	 */
 	public function postGet(string $id): DataResponse {
 		try {
-			$this->initViewer(true);
-
+			$this->initViewer(false);
 			$stream = $this->streamService->getStreamById($id, true);
 
 			return $this->directSuccess($stream);
diff --git a/lib/Controller/SocialPubController.php b/lib/Controller/SocialPubController.php
index d83fd3b2..720fa2e2 100644
--- a/lib/Controller/SocialPubController.php
+++ b/lib/Controller/SocialPubController.php
@@ -209,14 +209,14 @@ class SocialPubController extends Controller {
 	 * @throws SocialAppConfigException
 	 */
 	public function displayPost(string $username, string $token): TemplateResponse {
-		// TODO - check viewer rights !
 		$postId = $this->configService->getSocialUrl() . '@' . $username . '/' . $token;
+		// TODO: remove this, as viewer rights are already implemented in LocalController
 		$stream = $this->streamService->getStreamById($postId, false);
 		$data = [
-			'id'   => $postId,
-			'item' => $stream,
+			'id'          => $postId,
+			'item'        => $stream,
 			'serverData'  => [
-				'public' => true,
+				'public' => ($this->userId === null),
 			],
 			'application' => 'Social'
 		];
diff --git a/lib/Db/StreamRequest.php b/lib/Db/StreamRequest.php
index fe71ddb0..57205a46 100644
--- a/lib/Db/StreamRequest.php
+++ b/lib/Db/StreamRequest.php
@@ -228,7 +228,6 @@ class StreamRequest extends StreamRequestBuilder {
 	 *
 	 * @return Stream
 	 * @throws StreamNotFoundException
-	 * @throws SocialAppConfigException
 	 */
 	public function getStreamById(string $id, bool $asViewer = false): Stream {
 		if ($id === '') {
@@ -236,15 +235,19 @@ class StreamRequest extends StreamRequestBuilder {
 		};
 
 		$qb = $this->getStreamSelectSql();
+		$expr = $qb->expr();
+
 		$this->limitToIdString($qb, $id);
-		$this->leftJoinCacheActors($qb, 'attributed_to');
+		$this->selectCacheActors($qb, 'ca');
+		$qb->andWhere($expr->eq('s.attributed_to_prim', 'ca.id_prim'));
 
 		if ($asViewer) {
 			$this->limitToViewer($qb);
-			$this->leftJoinStreamAction($qb);
+			if ($this->viewer !== null) {
+				$this->leftJoinStreamAction($qb);
+			}
 		}
 
-
 		try {
 			return $this->getStreamFromRequest($qb);
 		} catch (ItemUnknownException $e) {
diff --git a/lib/Db/StreamRequestBuilder.php b/lib/Db/StreamRequestBuilder.php
index 3d776e77..55934151 100644
--- a/lib/Db/StreamRequestBuilder.php
+++ b/lib/Db/StreamRequestBuilder.php
@@ -144,6 +144,13 @@ class StreamRequestBuilder extends CoreRequestBuilder {
 	protected function limitToViewer(IQueryBuilder $qb) {
 		$actor = $this->viewer;
 
+		// TODO - rewrite this request to use stream_dest !
+		if ($this->viewer === null) {
+			$qb->andWhere($this->exprLimitToRecipient($qb, ACore::CONTEXT_PUBLIC, false));
+
+			return;
+		}
+
 		$on = $this->exprJoinFollowing($qb, $actor);
 		$on->add($this->exprLimitToRecipient($qb, ACore::CONTEXT_PUBLIC, false));
 		$on->add($this->exprLimitToRecipient($qb, $actor->getId(), true));
diff --git a/lib/Model/ActivityPub/Stream.php b/lib/Model/ActivityPub/Stream.php
index cd3c7c12..b6061e57 100644
--- a/lib/Model/ActivityPub/Stream.php
+++ b/lib/Model/ActivityPub/Stream.php
@@ -420,9 +420,9 @@ class Stream extends ACore implements IQueryRow, JsonSerializable {
 				]
 			);
 
-			$result['cc'] = '';
-			$result['bcc'] = '';
-			$result['to'] = '';
+//			$result['cc'] = '';
+//			$result['bcc'] = '';
+//			$result['to'] = '';
 		}
 
 		$this->cleanArray($result);