I have a security question.
In a lot of our programs, when someone logs in, the login would be checked against our LDAP and their account information would be sent back via an HTML5 FORM tag:
<form id="form" name="form" action="<% = Request.Form("ReturnURL") %>">
%....some VB code ... %>
...which is all fine and well, except when you choose to "Inspect Element..." then the form data can be clearly read in clear text. Possibly wide open for session hijacking and Lord knows what else.
Basic question: whats the best way to pass LDAP information without compromising your users?
Specifically, whats the best way to do this in CSharp?