I have an HTML form and I have SSL running on my site and all the pages are over HTTPS.
So here is the question, Is it safe to just submit the login form in this way? and HTTPS to another HTTPS page.
<form id="login" method="post" action="assets/process.php">
<a href="#" id="flipToRecover" class="flipLink">Forgot?</a>
<input type="text" name="logEmail" id="lonEmail" value="Email" />
<input type="password" name="lonPass" id="logPass" value="pass" />
<input type="submit" name="submit" value="Login" />
I am not a security professional but I really like the subject. The word safe depends on many things, if you are using https you are creating tunnel "connect ip_address" which establishes an encrypted session with the server, which of course can be seen by anyone, but the only thing that can be sniff(intercept) is encrypted information therefore it is very difficult to see the real data. Another thing that can happen is that intercept your cookies and pose as the user, so nothing is safe, everything depends on the will and the skills of the person who wants break your security. Hope it helps.