Is there a way to hide credentials in Stomp?

I am running on Nette framework. I am trying to listen to RabbitMQ messages and update the browser with JavaScript when a message is received. One idea was to use stomp.js to listen to the message queue directly from the browser, but it seems I cannot hide credentials. Is there any way so that the client can’t see ‘guest’, ‘guest’ and ‘ws://localhost:15674/ws’? (Note that we don’t use node.js)

let client = Stomp.client("ws://localhost:15674/ws");

client.heartbeat.outgoing = 0;
client.heartbeat.incoming = 0;

client.debug = onDebug;

client.connect("guest", "guest", onConnect, onError, "/");`

Would it maybe be possible to listen to messages with PHP on the backend side and update the page asynchronously? I am lost at this, it needs to be secure…