We have a HTML page with a form, and assuming that just before submitting the form, the request is intercepted and the values entered by authorized user is tampered by some hacking tool. How can we remediate or prevent such in a web application.
Using SSL to protect data from being sniffable is valid after the request is sent, but the scenario posted here is for before the request is sent to the server.
You can encrypt the data using asymmetric encryption. You can use the public certificate of your server in the application, so, as soon as you click on submit, you can take the whole form information and encrypt it using that key. Once the information arrives at the server, the server can use its private key to decrypt this information. To avoid the public key being tampered, you can use certificate pinning technic.
