In the NewStoryNotification class, user data is logged to the console, which can lead to unnecessary data exposure on the client side. This does not allow access to other users' data, but it does expose unnecessary information to the client, including any private notes or sensitive details about the user that should not be visible.
To fix this, remove the following console log:
console.log(this.attrs.notification?.data?.attributes?.content?.user);
This will prevent unnecessary data exposure and close the security gap, ensuring private notes and sensitive information about users are not visible. Additionally, storing such a large amount of data in the binary files might not be necessary and could be optimized for better performance and security.
I really like your extension. Thank you for contributing this awesome extension to the community!
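A check that would catch this kind of leftover logging before release, as an added example that is not part of the original report or the extension's code: it scans source text for `console.*` calls whose arguments reference model or notification data. The `SENSITIVE` identifier list and the sample source are constructed assumptions.

```javascript
// Identifiers that suggest model/notification data is being logged (assumed list).
const SENSITIVE = /\b(attrs|notification|attributes|user|payload)\b/;

// Return the argument text of the call whose "(" is at openIdx,
// honouring nested parentheses and string literals; null if unbalanced.
function readArgs(src, openIdx) {
  let depth = 0, quote = null;
  for (let i = openIdx; i < src.length; i++) {
    const c = src[i];
    if (quote) {
      if (c === '\\') i++;            // skip escaped character
      else if (c === quote) quote = null;
    } else if (c === '"' || c === "'" || c === '`') quote = c;
    else if (c === '(') depth++;
    else if (c === ')' && --depth === 0) return src.slice(openIdx + 1, i);
  }
  return null;
}

// Find console.* calls that pass data (not just a message string).
function findDataLogs(src) {
  const findings = [];
  const call = /\bconsole\.(log|debug|info|warn|error|dir|table)\s*\(/g;
  let m;
  while ((m = call.exec(src)) !== null) {
    const args = readArgs(src, m.index + m[0].length - 1);
    if (args === null) continue;
    // Drop string literals so plain messages mentioning "user" do not match.
    const code = args.replace(/(["'`])(?:\\.|(?!\1).)*\1/g, '');
    if (SENSITIVE.test(code)) {
      const line = src.slice(0, m.index).split('\n').length;
      findings.push({ line, method: m[1], args: args.trim() });
    }
  }
  return findings;
}

// Constructed sample modelled on the line quoted in the report.
const sample = [
  "class NewStoryNotification {",
  "  view() {",
  "    console.log(this.attrs.notification?.data?.attributes?.content?.user);",
  "    console.log('rendering user notification');",
  "    return null;",
  "  }",
  "}",
].join('\n');

console.log(findDataLogs(sample));
```

Run over the extension's frontend sources in CI, a non-empty result can fail the build.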