• nudelbiotop@feddit.de
    link
    fedilink
    arrow-up
    5
    ·
    edit-2
    1 year ago

    Anyone who has access to any involved network infrastructure can trace the cleartext communication and extract the credentials.

    • walkwalkwalkwalk@feddit.uk
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      What do you mean by any involved network infrastructure? The URI is encrypted by TLS, you would only see the host address/domain unless you had access to it after decryption on the server.