- rayjAsked on October 17, 2012 at 12:57 PM
The reporting is GREAT - particularly the calendar. I am concerned however that the data that comes across after a select a record from a date is not secure. Is that so? (I have modified the embed code to include https://jotform... vs. http://jotform...)
- JotForm SupportDeygusAnswered on October 17, 2012 at 01:21 PM
Hi, I have noticed that you have already secured your url protocol with https://, however, to fully integrate the SSL you can make your form even more secure by replacing the www. with secure.ifrservices.com..,. You can either add it manually if you have already embedded your form by adding in the ' secure. ' or you can just use the Secure Form checkbox to change the direct url link to use before you embed your form. Please also refer to this link to better understand SSL - http://en.wikipedia.org/wiki/HTTP_Secure.
If you have any further questions or need more help please let us know.
- rayjAnswered on October 17, 2012 at 02:50 PM
Thanks for that info. I've implemented your suggestion.
Unfortunately, my problem remains: the JotForm Calendar Report has elements from http connections. So, the browser asks if the user wants to display unsecure content. How can I make all the content source from https?
If I cannot, what elements are being sent through unsecure channels?
- rayjAnswered on October 17, 2012 at 02:51 PM
- JotForm SupportNeilVicenteAnswered on October 17, 2012 at 03:32 PM
The calendar report isn't optimized for SSL yet - but you do not need to worry as only the script that is responsible for the calendar's aesthetics is not secure, particularly the jQuery script: http://code.jquery.com/jquery-latest.js
The report's data are being fetched securely by PHP scripts that are hosted in our secure servers.
If this is still bothering you, I will forward a ticket to our devs to change it so that jQuery script is securely hosted in our own domain. We can't give an ETA though, but we'll inform you once it gets completed.
- rayjAnswered on October 17, 2012 at 03:37 PM
Thanks! That's the information I needed!
And, yes, I would like you to forward a ticket with that request to your dev team. The page will be doubted by people concerned with HIPAA.
- JotForm SupportNeilVicenteAnswered on October 17, 2012 at 04:29 PM
You're quite welcome. The ticket has already been forwarded.