Questions about "protect_against_basic_auth_spoofing" & Security

Hi,

I had problems while pushing packages to forgejo registery and pushing a git repository. I came across with this forum post and solved my problem:

I did

yunohost app setting gitea protect_against_basic_auth_spoofing -v false
yunohost app ssowatconf

But I wanna ask if it is safe do that? And use an app without this protection?

What “protect_against_basic_auth_spoofing” actually does?

@Josue