What is JotForm?
JotForm is a free online form builder which helps you create online forms without writing a single line of code. No sign-up required.
At JotForm, we want to make sure that you’re getting the online form builder help that you need. Our friendly customer support team is available 24/7.
We believe that if one user has a question, there could be more users who may have the same question. This is why many of our support forum threads are public and available to be searched and viewed. If you’d like help immediately, feel free to search for a similar question, or submit your question or concern.
If I embed an SSL secure jotform into my http website, is it still secure?Asked by midtownmetro on January 14, 2015 at 06:11 PM
I want to embed a secure, https jotform for donations into my website that will be powered by squarespace. I have created a test at http://www.yumadc.org/meftest
Can you confirm that if the security seal appears, then form is in fact secure, even if the https and green lock symbol are not appearing in the url because it is embedded into a non secure site?
When I embed the form (link: https://secure.jotform.us/form/50065377831153) into my site that is not http is it still secure?
Ideally, I want my user to see the green lock symbol when they are on my site, filling out the secure embedded form. Is this possible?
If you embed a secure form in a non-secure website. You'll have half of security which means that the information entered in your form would be secured, but the information from your site will not be secured.
In this scenario, I suggest that instead of embedding the form you provide a link to it using the secure URL: https://secure.jotform.us/form/50065377831153 This way your visitors will see the green lock when they want to donate.
Or add an SSL certificate to your domain and this way you can embed your form using the secure version and you can use HTTPS protocol for both your website and your form.
Hope this answers your question.
Let us know if you need further assistance.
So if I embed a jotform into Squarespace which does not have SSL, a credit card payment through the form TO the website would be secure, but a man-in-middle-attack could send fake into back to my visitors asking for information?
If you embed an SSL form (this is our standard option at this time) it will be secured, the from will be protected from potential manipulations and decryption. It will work even if you embed it to the Non-SSL web page.
So is there any reason to avoid embedding secure jotforms for taking payments/donations into non-SSL pages?