How to encrypt data and pass it using ajax call?

Question

I am working with express js. I have a modal form which has username and password field. i am posting the form data using ajax call. everything works fine but only issue is the username and password which i am entering are visible in post header, so is there any way in jquery to encrypt the form data before submitting..

here is my code

 $("#login").click(function(){
     var d=$("#form-1").serialize();
    // console.log("serialize data=",d);
    $.ajax({
        method : 'POST',
        url  :'/login',
        data :d ,
        success:function(response){
            console.log("response=",response.message);
            if (response.message=='success'){
                $("#msg").hide();
                 $('#myModal').modal('toggle');
                console.log('in if 83');
                }
            else
                {
                console.log("in else");
                $("#msg").text("invalid username or password");
                $("#msg").show();
                }

        }
    });   

  });

@ user1354678 : so i have to add any extra attribute to my ajax call or what?...how should i manually handle cryptography? — Pritam Kale, Jun 02 '15 at 11:40
@PritamKale You need to enable HTTPS on your server and buy an SSL certificate for this. — Thomas Theunen, Jun 02 '15 at 11:41

score 4 · Accepted Answer · edited May 23 '17 at 10:29

4

You should think about using the HTTPS protocol, then this gets encrypted automatically.

For testing or if you are aware of the risks + pros and cons you can use a self signed SSL certificate: How to create a self-signed certificate with openssl?

For production you should use a valid SSL certificate, you either have to buy it or use one off those free providers.

edited May 23 '17 at 10:29

Community

1
1

answered Jun 02 '15 at 11:21

m4lt3

465
2
15

how should i achieve HTTPS protocol in my example...what i need to do? – Pritam Kale Jun 02 '15 at 11:46
You need to add the valid or self signed certificate to your webserver, enable the https connection and use for your ajax call the https connection. A specific answer would be much to complex, but you can find everything you need, on stackoverflow or some else in the internet. – m4lt3 Jun 02 '15 at 11:49

score 0 · Answer 2 · answered Jun 02 '15 at 11:24

Generally it is recommended to use SSL (Secure Socket Layer) when you are transmitting data that you don't want any third party to sniff. The data will be encrypted by browser before transmitting and can only be decrypted by your server - using public key/private key mechanism.

How to encrypt data and pass it using ajax call?

2 Answers2