Athlon1600
commented
7 years ago base64 encryption is just the default. You can change it into something more secure through config.php:
https://github.com/Athlon1600/php-proxy-app/blob/master/config.php
Look at all the options.
The address is just encoded with base64, and address may be logged by gateways or firewalls it passed, which may be an unexpected privacy leak. Some firewalls now already have the function to filter the base64(or something else) content in url parameters, so it is not just a guess. I know that we can deploy it with SSL, but it will be surely better if it is safe everywhere