Anyone between you and the server can change the content of the page on unencrypted connections. I would love to live in a world where encryption is unnecessary, but unfortunately that world does not exist right now.

You could do signatures/MAC without encryption to guarantee that the message was not modified