Embedded Form Security with Formsite SSL

A large part of Formsite’s customers embed their forms into other web pages. The provided embed code allows the form to appear on any site where the form owner can access the HTML code. The embedded form appears as a seamless part of the embedding page and allows site builders to quickly add forms and surveys. A frequent question about embedding is how the embedded form security works.

Common Security Questions:

• Does my site need its own SSL to secure my form?
• Is my form secure if it’s embedded into a non-secure page?
• Can I use the Formsite SSL to secure my site?

SSL Basics

Websites use Secure Sockets Layers (SSL) as a standard security for using encrypted connections between a web server and a browser. SSL technology ensures that all data transmitted between the web server and browser remains encrypted.

Sites that use SSL begin with their ‘https’ address instead of the non-secure ‘http’ address. The secure version guarantees against interception any data between the server and the browser.

Embedded Form Security

Answer 1: No, your site does not need its own SSL for the form to be secure.

The embed code essentially opens a small browser window where it appears on the embedding page and displays the form inside that window. While it appears as part of the embedding page, the secure server actually displays the form. That connection is protected by Formsite’s SSL and all data is protected from interception.

Answer 2: Yes, the form is secure when embedded on a non-secure page.

Browsers restrict the transfer of data between the embedded form and the host page so none of the data can ‘leak’ out. The embedded form security keeps all data in the encrypted and secure connection.

Answer 3: No, it’s not possible to use Formsite’s SSL for any other site.

SSL certificates are unique for each site so protecting another site requires another SSL certificate.