Problem: I want to create a custom log in control that posts securely to HTTPS without affecting other submit buttons on the page.
If I had been writing this in ASP.NET MVC or any other language for that matter, I would just create a new form tag with an form action="https://...". Now I'm stuck in a ASP.NET web forms site. That means that I can only have one forms tag in the entire page, thus ripping me off on that easy solution.
What have I tried?
I've changed the pages entire form during pre render so that the action posts to a HTTPS dress. But as I stated before, this will make all other buttons on the page also submit via SSL. I don't want that.
I've done practically the same thing using JavaScript. The nice thing about this is that I can bind the fiddeling of the action attribute to a specific button. The drawback is that If the user disables JavaScript or doesn't have support the user name and password will be submitted in clear text.
A composite approach. I could use AJAX to load a page containing the control that uses JavaScript to change the post. That way the control won't even be rendered if the user doesn't have JavaScript and instead render a button that sends the user to a log in page.
The last alternative is the best choice in my situation but it gets complicated without going into details.
So my question is, Is there any other way of achieving a secure loginin control in ASP.NET without the use of JavaScript?
I've been searching my finger off for a solution to this problem without finding anything so if any one can crack this nut, kudos!