Is it secure to submit from a HTTP form to HTTPS?

Question

Is it acceptable to submit from an http form through https? It seems like it should be secure, but it allows for a man in the middle attack (here is a good discussion). Th

Answer 1

For me (as an end-user), the value of an HTTPS session is not only that the data is encrypted, but that I have verification that the page I'm typing my super-secrets into has come from the place I want it to.

Having the form in a non-HTTPS session defeats that assurance.

(I know - this is just another way of saying that the form is subject to an MITM attack).