So from android 8 onwards it appears that fetching content from "cleartext" urls is disabled by default
https://stackoverflow.com/questions/45940861/android-8-cleartext-http-traffic-not-permitted
I have a mpris service running on my local computer which is connected to the android, that service is also serving cover art for currently playing song. Obviously I can not have a domain set for my computer on a local machine, so cover art urls look like
http://<ip>:<port>/<songid>.ext . Since this restriction was introduced into android 8, kde connect is not able to fetch the art from this url.
This is patch allows connections to raw IPs addresses as well. If there is any security issues regarding this change, I'm prepared to do more work, my suggestion would be to check if IP address in this case matches paired computer's IP address, although this would still be a bit annoying (especially since whatever malicious file can be served from a "cleartext" link as well).