I'm implementing authorization in my GWT app, and at the moment it's done in the following fashion:
Consider using SRP.
But that still won't help if a man in the middle sends you evil JavaScript that simply sends a copy of your password to the attacker's server.