Encrypted Forms (Protect from HTTP and CDN Snooping)

Encrypt data submitted using forms, so it's unreadable in CDNs or over insecure HTTP

This allows your forms to use military grade encryption for forms.

It's a form of double encryption using public and private keys - the browser knows the public key and can encrypt the data in a way that no man in the middle can read any of the submitted data.

Benefits

1. Data cannot be snooped on public connections (e.g. when accessing an HTTP website in a public WIFI)
2. Websites using CDNs or other network appliances could be compromised and snoop / log submitted data. But once it's encrypted like this, they will not be able to read it, because these networks don't have the public key.

How it Works

1. The server provides a public key to the browser
2. Your JS which submits the form data to an endpoint can then use the $2sxc API to encrypt the data before sending
3. The endpoint will automatically unecrypt the submitted data (almost no changes required to the API controller)