Tests with nodeJS and websockets on MacOS concluded that files need to be encrypted when transferring them between hosts even when using TLS encrypted connection.
When a destination-host receives a file via TLS, the operating system stores the TLS-decrypted file in its own OS cache and basically provides a link to the application requesting the file (although the programmer on application level is not aware that the file is stored locally since a listener is registered to capture incoming streaming-data). On application level it is not possible to delete the OS hosted cache file since the OS manages its cache and is very sensitive to manual interference by the user. Even a reboot and shutdown and reboot did not trigger the OS to delete its cache.