What is JotForm?
JotForm is a free online form builder which helps you create online forms without writing a single line of code. No sign-up required.

At JotForm, we want to make sure that you’re getting the online form builder help that you need. Our friendly customer support team is available 24/7.

We believe that if one user has a question, there could be more users who may have the same question. This is why many of our support forum threads are public and available to be searched and viewed. If you’d like help immediately, feel free to search for a similar question, or submit your question or concern.


  • Profile Image

    Web Page security with embedded form

    Asked by hartmutgunther on July 24, 2014 at 11:38 PM

    Hi

    All going well other than this...

    Our website under development is 

    https://toxno.com.au

    The site has an SSL certificate. When viewed in chrome, firefox and safari all is good until you get to the page that hosts the secure jot form.

    I have 2 images embedded in the form but they also refer to https urls on the website

    https://toxno.com.au/assess.html

    the message (and icon) that comes up in chrome and firefox is

    " Your connection to toxno.com.au is encrypted with 128-bit encryption. However, this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the look of the page.

    The connection uses TLS 1.2.

    The connection is encrypted and authenticated using AES_128_GCM and uses ECDHE_RSA as the key exchange mechanism."

    ALL other pages on site don't get this message.

     

    Any suggestions ??

     

    This would obviously put security conscious people off.

     

    thanks in advance - Hartmut

     

    Page URL:
    https://toxno.com.au/assess.html

    encryption message icon site
  • Profile Image

    Answered by jedcadorna on July 25, 2014 at 06:33 AM

    I think this happens because of mixed content loaded in your website which some loads HTTPS and some loads HTTP. I've seen few error in your page that some are loaded unsecurely.

    As you can see in this screenshot that some are not loaded on HTTPS and this is causing the issue.

    You'll most likely get this warning since some images from Jotform are loaded unsecured. The only solution to that is to have all scripts and images on HTTPS.

  • Profile Image

    Answered by hartmutgunther on July 25, 2014 at 06:41 AM

    Thanks a lot jedcadorna.

    I should be able to take care of most of this except the last one - I don't understand

    what  is shots.jotform...elton/radio_flat.png

    and how would I make this https

     

    thanks

  • Profile Image

    Answered by jedcadorna on July 25, 2014 at 06:49 AM

    That's from our server. He's one of our team members. I think the widget that you were using was loaded from he's ftp account and I'm not sure if that can be replaced as HTTPS. I think all of our ftp accounts are on HTTP so most likely error will be coming from that png file.

  • Profile Image

    Answered by hartmutgunther on July 25, 2014 at 06:52 AM

    Thanks, but what can I do about it? Where am I using it on the form. The only Widget I use is the Form Calculation Widget.

     

    thanks

     

  • Profile Image

    Answered by jedcadorna on July 25, 2014 at 07:20 AM

    I have cloned your form and I found the image is in your CSS settings. You can download the image and load it into your server to make it secure then give us the URL and we'll update your form image URL.

    Download it in this URL https://shots.jotform.com/elton/radio_flat.png then upload it into your server.

  • Profile Image

    Answered by hartmutgunther on July 25, 2014 at 07:43 AM

    Thanks. That code is actually in my injected CSS

    Why can't i just do as you say - download the image and but then change the injected CSS.

    That should than eliminates the need for ":  then give us the URL and we'll update your form image URL."

     

    what do you think jedcadorna 

  • Profile Image

    Answered by jedcadorna on July 25, 2014 at 07:59 AM

    Of course, you can do that on your end what I meant was if you happen to load it on your server and you need me to update your CSS I'll be glad to help, but if you can manage to do it on your end I'll just be waiting for your response and we'll see if it somehow changes the error that you are getting on your page.

  • Profile Image

    Answered by hartmutgunther on July 25, 2014 at 08:07 AM

    Thanks so much.

     

    Will keep you posted  jedcadorna

     

    Hartmut