It’s somewhat specific to the case of handling user login, but I proposed a protocol in this answer, and the asker ran with it and coded up an HTTP-sniffer-resistant PHP-to-JavaScript login form implementation.

The essentials of the scheme:

• Generate a random nonce value; this helps prevent replay attacks.
• Send that nonce value and the password salt to the browser along
  with the rest of the login form.
  • You are storing passwords in salted
    and hashed form, right?
• When the user enters a password, have the script on the form compute
  and send back hash(hash(password, salt), nonce) instead.
• When the server receives the form submission, have it compute hash(storedSaltedPassword, nonce) and verify that it equals the submitted
  value.
  • Retain the nonce value at
    the server; don’t trust the client to
    echo it back to you, or your replay
    protection is gone.

The weakness of this scheme is that
the password hashes in the database
are in some sense password-equivalent;
while it’s likely infeasible to
extract the original password used to
produce those hashes, knowledge of the
stored hash is sufficient to
impersonate the user on your site.