I have several Questions regarding security.

  • Profile Image
    Asked on July 13, 2014 at 10:16 PM

    1/ If I make a form secure and then embed it on my website - particularly if it contains Paypal pro payment collection - then is there any visual feedback that the user can see that would indicate that the form is secure?


    2/ I have a SSL certificate for my site. Do I need to make the embedded jot form secure - especially if it contains an integrated  Paypal pro payment collection.


    3/ I make a Jotform secure and provide an option for the user to finish the form later (via edit link). However when the user returns to the form link, the url on this form is no longer secure (not https). Could be a problem for clients as they have email and name data stored here. Also is this interim form for the user available and visible to google and other users on the web. Can we make this edit link version secure?


    4/ As an extension to part 3 - Once the user has fully completed a form (via edit link feature and I will know this because I provide a button on the form that tells me when they have fully completed) - can this interim form be deleted so that this interim form is no longer available or accessible to the user.


    5/ finally can you have an integrated  Paypal pro payment collection on a form and yet let the user submit a partially completed version of the form ( for completion later via edit link feature). They only complete the payment info once they have fully completed the form.




    PS. Love Jotform

  • Profile Image
    Answered on July 14, 2014 at 03:35 AM


    #1 Yes. It will be visible in the browser if there were secure or non-secure content.


    #2 If you are using SSL certificate in your website, and you intend to embed your form on the website, then you should use the secure URL or embed code of the form.

    Usually, if you add non-secure content on a secure website, the non-secure content will be blocked by the website.


    #3 Are you sure you used the SSL embed code of the form? 

    Because if it is using secure URL, the edit link URL will also be using the secureversion(https)

    Just to be sure you will generate the form URLs in secure mode, make sure to logged in also in the form builder using the https URL. This one  https://www.jotform.com/login


    #4 There is really no automated means to delete the embedded form in the website. You will need to removed that form manually on the website.


    If what you wanted to achieved is prevent the same user from submitting the same form again, then you can do it by using Unique Submissions of the form.

    You can also auto disable the form by assigning limits on number of submissions or assigning date when the form will only be available. Check this user guide on How To Limit Form Submissions


    #5 Yes you can still make the user update the submission at a later date without letting them doing the payment transaction first. You will still use the Edit Link and add condition rules on the form.

    For example, on initial submission, ask the user if they wanted to Pay already or Not.

    If Not, they can still proceed and submit the form (they can edit later on and answer Yes to do the payment). 

    If they already choose Yes to Pay on the initial submit, then they can already do the payment.


    Hope this help. Inform us if you need further assistance.

    I suggest also that next time, please try to make only one question for every post. 
    It is much better even if you post multiple times as long as they are about different topics.

    When yo do that, multiple support can attend to all your post all at once which will give you faster response. Unlike when its like this.. I am the only one answering all your questions on this single post, so it took more time. =)