@@ -51,7 +51,7 @@ defmodule HttpCapabilityGateway.Gateway do
5151 # which is a DoS vector -- any client can crash the handler by sending
5252 # an exotic HTTP method like PROPFIND, MKCOL, REPORT, or any arbitrary
5353 # string. The BEAM atom table is finite (~1M atoms) and not garbage
54- # collected, so String.to_atom /1 is equally dangerous (atom exhaustion).
54+ # collected, so String.to_existing_atom /1 is equally dangerous (atom exhaustion).
5555 #
5656 # Instead, we maintain an explicit allowlist of the seven standard HTTP
5757 # methods supported by this gateway. Any method not in this map is
@@ -172,7 +172,7 @@ defmodule HttpCapabilityGateway.Gateway do
172172 # This plug runs BEFORE the RateLimiter plug in the pipeline so that
173173 # rate limiting decisions can be based on the authenticated trust level.
174174 # The trust level is parsed through SafeTrust.parse_trust/1 which
175- # safely maps strings to atoms from a fixed set (no String.to_atom ).
175+ # safely maps strings to atoms from a fixed set (no String.to_existing_atom ).
176176 #
177177 # The trust level is stored in conn.assigns[:trust_level] and reused
178178 # by both the rate limiter and the request handler, avoiding duplicate
@@ -218,7 +218,7 @@ defmodule HttpCapabilityGateway.Gateway do
218218 #
219219 # Uses the @valid_methods allowlist to avoid the DoS vector inherent in
220220 # String.to_existing_atom/1 (which raises ArgumentError on unknown atoms)
221- # and String.to_atom /1 (which can exhaust the BEAM atom table).
221+ # and String.to_existing_atom /1 (which can exhaust the BEAM atom table).
222222 #
223223 # Returns the atom for known HTTP methods, or nil for unknown methods.
224224 # The caller (handle_request/1) uses this to short-circuit unknown methods
@@ -254,7 +254,7 @@ defmodule HttpCapabilityGateway.Gateway do
254254 Unknown HTTP methods (PROPFIND, MKCOL, REPORT, arbitrary strings) are
255255 rejected with 405 Method Not Allowed before reaching policy evaluation.
256256 This prevents ArgumentError crashes from String.to_existing_atom/1 and
257- atom table exhaustion from String.to_atom /1, both of which are DoS vectors.
257+ atom table exhaustion from String.to_existing_atom /1, both of which are DoS vectors.
258258 """
259259 def handle_request ( conn ) do
260260 start_time = System . monotonic_time ( )
0 commit comments