parroty / extwitter

Twitter client library for elixir.
MIT License

Poison.decode with `keys: :atoms` is unsafe #106

Open jessedijkstra opened 5 years ago

jessedijkstra commented 5 years ago

In the decodes, the keys of the result are always cast to an atom. Because of the limitations on atoms, and because atoms never get garbage collected, this creates an attack vector for denial-of-service attacks, since there is no way to determine that the Twitter API is safe.

https://github.com/devinus/poison#parser

Since most JSON data is already parsed to structs, maybe the data should be parsed with the `as:` argument, which parses the data to structs through Poison.

This, however, does require quite an extensive refactor, since parsing is most often done after decoding the data.
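The atom-exhaustion risk described in this issue, shown as an added example that is not ExTwitter's or Poison's own code: it decodes a constructed response body with `keys: :atoms`, with `keys: :atoms!` (existing atoms only) and with `as:` a struct, and measures how many atoms each strategy adds to the VM's atom table. The `Tweet` struct and `injected_key_*` names are assumptions standing in for a real model and for response keys the client does not control.

```elixir
defmodule AtomSafetyDemo do
  # Hypothetical stand-in for an ExTwitter model struct; only these
  # two field names exist as atoms before decoding.
  defmodule Tweet do
    defstruct [:id, :text]
  end

  # Constructed JSON body with `n` distinct keys the client has never seen.
  def untrusted_body(n) do
    extra =
      1..n
      |> Enum.map(fn i -> ~s("injected_key_#{i}": true) end)
      |> Enum.join(",")

    ~s({"id": 1, "text": "hello", #{extra}})
  end

  def atom_count, do: :erlang.system_info(:atom_count)

  # Unsafe: every unknown key becomes a brand-new atom that is never collected.
  def decode_unsafe(body), do: Poison.decode!(body, keys: :atoms)

  # Safer: `:atoms!` goes through String.to_existing_atom/1, so an unknown
  # key raises ArgumentError instead of growing the atom table.
  def decode_existing_only(body), do: Poison.decode!(body, keys: :atoms!)

  # Safer: decoding into a struct keeps only the struct's known fields;
  # unknown keys are dropped, so no new atoms are created.
  def decode_as_struct(body), do: Poison.decode!(body, as: %Tweet{})

  # Run one strategy and return {result, atoms_added}.
  def measure(fun, body) do
    before = atom_count()

    result =
      try do
        {:ok, fun.(body)}
      rescue
        e -> {:error, Exception.message(e)}
      end

    {result, atom_count() - before}
  end

  def run do
    body = untrusted_body(1_000)

    for {label, fun} <- [
          {"keys: :atoms", &decode_unsafe/1},
          {"keys: :atoms!", &decode_existing_only/1},
          {"as: %Tweet{}", &decode_as_struct/1}
        ] do
      {_result, added} = measure(fun, body)
      IO.puts("#{label} added #{added} atoms")
    end
  end
end
```

Run `AtomSafetyDemo.run()` in a project with Poison available; the `keys: :atoms` line grows by roughly the number of injected keys, while the other two strategies add none.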