Is this server started by Zoom? In order to implement an endpoint, they’d have to ship a server along with the client. And this server would always be running? Is this not overkill for such a small feature (being able to click a link)
The author is explaining how they could have done it more securely. I think everyone here including the author would agree it's a ridiculous solution for this "feature".