I have a page setup using code from here: http://www.jigar.net/articles/viewhtmlcontent78.aspx in order to post to a remote HTTPS page from my HTTPS page. From what I can tell, this post is being sent in the clear.
Am I misunderstanding? If not, how can I secure the post?
Am I misunderstanding?
If the remote url starts with HTTPS then nothing will be sent in clear text. The entire communication will be done over an encrypted secure channel.
In the aforementioned article they are not using HTTPS:
myremotepost.Url = "http://www.jigar.net/demo/HttpRequestDemoServer.aspx";
Make sure you use it if you want secure communication.
On the other hand this method generates a <form> containing all the values in hidden input fields. You should not put any sensitive information such as passwords in thos ehidden fields because anyone that has access to the hosting page could browse the source and see those values. But as far as the transmission of those values to the remote site is concerned, if you use HTTPS, they will be encrypted and not send in clear.