It's interesting that despite this keywords are serialized all the time in Clojure land (eg in the transit format that is commonly used for frontend/backend communication).
Most json libraries will convert string keys to keywords, and they're not weak references.
An attacker can probably just send a few dozen gigabytes of random json to the average Clojure app and it's going to go down.
Most json libraries will convert string keys to keywords, and they're not weak references.
An attacker can probably just send a few dozen gigabytes of random json to the average Clojure app and it's going to go down.