Form submissions to external non-secure (http) pages will result in a security warning for users

Rule from ssl under security category

What is a trooper!

we have submitted your edit to the community for review! We'll review and make it live on the site in the next few hours, the internet thanks you :).

Browse another section of the knowledge base



Suggest an edit

Cancel

This rule has no content... yet.

Add content to this rule

Or just browse to view rules that have content



 

The page uses HTTPS which is great for your users.

The page uses HTTPS which is great for your users. However, when there is a form on the page, it submits to a non-secured page (be it internal or external pages). Browsers will therefore change your "secure" page to "insecure" in the URL bar. Firefox takes this a step further and shows a 'dialog warning' to users that they are submitting to a 'non-secured page' in a dialog. Users are asked to click "continue" if they want to take the risk, which is a rather scary message.

This happens because one of the forms on the page has its action= set to a http:// page from a https:// page.

Look for something like the following:

<form method="POST" url="http://external.example.com/add">

How do I fix this ?

Ensure the target page for your form supports https as well. Then change the URL to the https version of the URL:

<form method="POST" url="https://external.example.com/add">

Resources

Browse another section of the knowledge base



Signup icon
Ready to see how well your site scores?

Passmarked works best when you have an account. It allows you to keep a dashboard with saved data of the sites you have run through the system, we’ll alert you about important updates and you get access to the Passmarked Slack forum.

Sign up to get started