HTTPS is still your best bet - you just need to make sure that HTTPS is essentially used. Firebug can do this for you - if you check the full URL to be used.
However, Firebug is running on the client, so it sees the data before it is encrypted / after it is unencrypted. (Just because you see “all data” does not mean that it is not encrypted “over the wire.”)
If you really need to check / see the data in an encrypted state, use something like Wireshark or Fiddler .
Extending Greg’s comment, this encryption does not allow other users on the network to view your data - both on the server and from the server. I.E., if you are in a wireless access point, this will prevent the interception of your clear-text data by other users in the access point or other less respected network operators. If you try to prevent the end user (the user using the web browser) from viewing the data, you will not be able to. Any attempt to do so will be defective in design ™.