Site has SSL - embedding vs javascript call for form

  • Profile Image
    qualityoilcompany
    Asked on January 22, 2011 at 06:17 PM

    We're going to add SSL forms to a site that has an SSL certificate. If we build the forms and check the "secure" box on the properties, can we do the javascript include on the webpage and get a lock on the browser icon? Or does the form have to be embedded (e.g. getting the Dreamweaver code) in order for the form to show in the browser as secure? We'd much prefer to use the javascript link so we can adjust the form over time and not have to update the webpage.

    Second part of the question:

    When we send the user to a custom URL "thanks" page, we should send them to https://whatever.com/thanks.php, right? If they click a link from that page that is http:// and not https://, will they get an error message or a security warning? (None of our links within the site are https:// except for the link to the secure form.)

    Thanks for the good explanation (I've seen it several times on your replies) of how to tell our clients to download the info securely and not email them the contents of the form. That was a good explanation and a great reminder.

  • Profile Image
    aytekin
    Answered on January 24, 2011 at 08:58 AM

    1. Yes, just check the "Secure" icon on the "Embed Form" wizard and then copy the javascript code provided. If you look at the code you will see that it is included with "https://".

    2. Yes, I think you should send them to a secure Thank You page. I don't think the browser will give an error message but keeping the user on "https://" should give the user more confidence that she submitted the form securely. 

    Be Safe! :)