Browser encrypts all requests for a secure page?

[Brit]

I have noticed a number of internet sites have the userid/password login screens on secure (https) pages while some sites have the login on a non-secure page that posts to a secure page. Is there a difference?

Does the browser encrypt all posts to secure pages even if the originating page is not secure?

Any help is appreciated.

 

[chiph]

I've noticed that too. I can't see how they can securely send your password to a secure site when you're starting on a non-secure page.

Chip H.

 

[rycamor]

>>Does the browser encrypt all posts to secure pages even if the originating page is not secure?

Of course it does! SSL encrypted data transfer applies to both the request, and the server response. Think about it: there is no way for anyone to "snoop" on a form while you are filling it out. It is just client-side data, sitting in your browser's temp repository. It only becomes public information when it is submitted. Thus even if the blank form is sent to you in clear text, the browser MUST encrypt when passing your data to the SSL location. So there is no way for someont to get clear text input from you, unless they have a keylogger on your system ;-). -------------------------------------------

"Calculus is just the meaningless manipulation of higher symbols"
                          -unknown F student