- SunbridgeInstituteAsked on December 15, 2016 at 10:33 AM
I was under the impression that all of the Jotform forms were secure, and we are asking people to submit sensitive information. Has this changed? Now I see that when I try to fill out our form, it clearly says "Your connection to this site is not fully secure" in the upper left corner of the URL on my browser.
The form I am referring to is this: https://form.jotform.com/SunbridgeInstitute/waldorf-weekend-jan-2017
Please let me know if there is something that I should be doing to make our forms secure. We are getting complaints from the participants.
- AIDANAnswered on December 15, 2016 at 11:12 AM
Upon inspection of the form, we are happy to inform you that the problem is in fact quite simple and has no major security implications. The reason why the browser indicates that the form is not secure is simply because the background picture is being served from a HTTP link instead of HTTPS.
To correct that, I created an animation to show you how to use the HTTPS link for your picture, which is https://www.jotform.com/uploads/SunbridgeInstitute/form_files/SBI_logo%20white%20%28for%20colored%20background%29.png
In order to always keep your form secure, please make sure that the URLs you use for pictures start with "https://" and not "http://". Everything we provide in the form is already using HTTPS, always.
Please let us know if you need further assistance.
- JotForm SupportKevin_GAnswered on December 15, 2016 at 01:57 PM
Seems like your commend did not reach this thread, please reply opening this thread in a web browser so it is posted here: https://www.jotform.com/answers/1012384
However, I found it on our email logs, here is what you replied:
"Answered by SunbridgeInstitute
Thank you for the clear instructions. Did something change recently to cause this? I remember previously seeing the lock, yet I have not changed the image since we began with Jotform.
Regarding to the notice you were facing, do note that this is not a change implemented on JotForm, it is for security in general that this notice appears, this was because the JotForm form link is secure, but you had some sources that were not loaded from secure links (HTTP), as explained by my colleague Aidan above. Also, may be that you uploaded the file to our servers before the security was implemented in all of our features, then the link was still from as non-secure, so simply updating it should re-upload the file to a link with HTTPS and avoid this.
Here's also a link where it is explained in a bit more of details this: https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_content#Mixed_active_content
If you have any question, please let us know.