In soda_server_client/soda_server_client.py line 30 the code allows to specify an arbitrary network protocol, including non-encrypted protocols (such as plain HTTP).
The risk is that a misconfiguration could have the application connect via plain HTTP to a server that also allows plain HTTP rather than require the more secure HTTP over TLS. As a result, the confidentiality of the communication can be breached, including user credentials that are used to authenticate against the server.
The safest solution is to use hardcoded TLS protocol.
In soda_server_client/soda_server_client.py line 30 the code allows to specify an arbitrary network protocol, including non-encrypted protocols (such as plain HTTP).
The risk is that a misconfiguration could have the application connect via plain HTTP to a server that also allows plain HTTP rather than require the more secure HTTP over TLS. As a result, the confidentiality of the communication can be breached, including user credentials that are used to authenticate against the server.
The safest solution is to use hardcoded TLS protocol.