That's a very good point and I understand that. But webhat's comment makes it seem like the whole article is invalid or the example is not correct. I definitely would not consider this as an 'obvious error' with the example. Maybe bad practice. Would you say the copy/paste issue is solved if the author just does a mass replace from 'http' to 'https' on his articel?
I don't think you're getting the point of the article. It is talking about dereferencing the STATE and the VALUE portions of a RESTful API. Not what's the most secure way of sending a credit card number over TCP/IP.