hello.
asp.net.4.5 web-form, application.
using the built in membership provider form authentication (without SSL).
after authentication success the user redirect to a aspx page that run Angular (javascript app).
is it will be less secure if i will post ajax to that same aspx page rather than using web api?
having the benefit of:
same origin policy,
could check the referer,
on top of having that page with all user credentials.
</div>