QuickAuth - Google Authenticator Pebble app vulnerable to MITM attack when configuring TOTP keys

[issues () github com]

QuickAuth Pebble application loads the configuration page via HTTP. As such it is possible for an attacker to setup and 
use a MITM proxy to inject Javascript which posts the key to an external site to steal the TOTP keys as they are being 
updated on the Pebble app.

Original GitHub issue : https://github.com/JumpMaster/QuickAuth/issues/25