subdomain Enumaration via side channel alerting security bug which is critical

the AlgoraWeb.Endpoint contains a logic flaw in the canonical_host/2 function  its pefroms a  database lookup Algora.Accounts.get_user_by_handle/1 and triggers a cricitical security alert Algora.Activities.alert/2 based on weather ,e a subdomain matches a valid user handle 