JotForm is a free online form builder which helps you create online forms without writing a single line of code. No sign-up required.
We believe that if one user has a question, there could be more users who may have the same question. This is why many of our support forum threads are public and available to be searched and viewed. If you’d like help immediately, feel free to search for a similar question, or submit your question or concern.
Web Page security with embedded formAsked by hartmutgunther on July 24, 2014 at 11:38 PM
All going well other than this...
Our website under development is
The site has an SSL certificate. When viewed in chrome, firefox and safari all is good until you get to the page that hosts the secure jot form.
I have 2 images embedded in the form but they also refer to https urls on the website
the message (and icon) that comes up in chrome and firefox is
" Your connection to toxno.com.au is encrypted with 128-bit encryption. However, this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the look of the page.
The connection uses TLS 1.2.
The connection is encrypted and authenticated using AES_128_GCM and uses ECDHE_RSA as the key exchange mechanism."
ALL other pages on site don't get this message.
Any suggestions ??
This would obviously put security conscious people off.
thanks in advance - Hartmut
I think this happens because of mixed content loaded in your website which some loads HTTPS and some loads HTTP. I've seen few error in your page that some are loaded unsecurely.
As you can see in this screenshot that some are not loaded on HTTPS and this is causing the issue.
You'll most likely get this warning since some images from Jotform are loaded unsecured. The only solution to that is to have all scripts and images on HTTPS.
Thanks a lot jedcadorna.
I should be able to take care of most of this except the last one - I don't understand
what is shots.jotform...elton/radio_flat.png
and how would I make this https
That's from our server. He's one of our team members. I think the widget that you were using was loaded from he's ftp account and I'm not sure if that can be replaced as HTTPS. I think all of our ftp accounts are on HTTP so most likely error will be coming from that png file.
Thanks, but what can I do about it? Where am I using it on the form. The only Widget I use is the Form Calculation Widget.
I have cloned your form and I found the image is in your CSS settings. You can download the image and load it into your server to make it secure then give us the URL and we'll update your form image URL.
Download it in this URL https://shots.jotform.com/elton/radio_flat.png then upload it into your server.
Thanks. That code is actually in my injected CSS
Why can't i just do as you say - download the image and but then change the injected CSS.
That should than eliminates the need for ": then give us the URL and we'll update your form image URL."
what do you think jedcadorna
Of course, you can do that on your end what I meant was if you happen to load it on your server and you need me to update your CSS I'll be glad to help, but if you can manage to do it on your end I'll just be waiting for your response and we'll see if it somehow changes the error that you are getting on your page.
Thanks so much.
Will keep you posted jedcadorna