login.do XSUAA credential visible in network call

Hi,

When we enable authentication for ui5 or CAP Service by XSUAA instance - app router - authentication method as route.

Then the password is visible in form data for login.do network call. Is this the expected behavior ?. If not how to encrypt this ?.

Thanks