Are URL query string parameters stored safely on the JotForm servers?

  • pkseet
    Asked on April 3, 2018 at 6:19 AM

    Hi,

    I understand that I can prepopulate a form by sending querystring parameters to the designated form. Are the parameters stored securely on the JotForm server, as I am considering prepopulating the form with some sensitive data?

    Thanks.

  • Kiran Support Team Lead
    Replied on April 3, 2018 at 9:19 AM

    Are you referring to prepopulating the form URL using the parameters?

    https://www.jotform.com/help/71-Prepopulating-Fields-to-Your-JotForm-via-URL-Parameters

    If so, please note that the form URL with the populated URL will not be stored in the JotForm servers. The only way to access the URL is by the URL shared by you with your users.

    If you are referring to something different, please let us know. We will be happy to assist. 

  • pkseet
    Replied on April 3, 2018 at 11:53 AM

    Hi Kiran,

    You're right, I'm referring to prepopulating the form URL using the parameters.

    I understand the user has to play their part to safeguard the URL from unauthorised access.

    From what I know, the whole URL of each request is typically stored in a server log, which means whatever is passed as parameters are visible to anyone with read access to the log. Is that the case for Jotform servers?

    Thank you.

  • David JotForm Support
    Replied on April 3, 2018 at 1:02 PM

    Form data is not stored unless the form is submitted.  All populating the form via parameters does is fill the form.  Server logs are only available to our development and admin staff.