Support » Plugin: Fast Secure Contact Form » [Plugin: Fast Secure Contact Form] Feature Request: Submit Form with HTTPS

  • Hi Mike,

    I’ve just been reviewing the use of SSL on my sites, and it occurred to me that there are times when I’d like to submit form data securely using a form action based on HTTPS instead of HTTP. Would you please consider adding a configuration setting so that form administrators can choose between these two different ways of posting the form data?

    As always, thanks for considering my request!

    Best wishes,

    Fred

    P.S. I can use the WordPress HTTPS plugin to force HTTPS on the entire contact form page, but that’s a brute-force solution — not very elegant!

    http://wordpress.org/extend/plugins/si-contact-form/

Viewing 5 replies - 1 through 5 (of 5 total)
  • Because the form uses shortcode to load anywhere on any Page, Sidebar, or Post, it has no pre-awareness of what page it is on. It is a “plugin” to your page. Therefore I am not able to make a setting for controlling https or not. By the time it starts via the shortcode, half of the page is likely already printed to screen.

    WordPress HTTPS plugin can make the page https and the form is compatible with that.

    Hi Mike,

    Thanks for your speedy reply! I must apologize for not explaining myself clearly. What I’m asking is actually very easy to do.

    I’m asking you to change just the form action, not the protocol for the entire page. By default, your shortcode inserts this code into the page:

    <form action="http://..." id="si_contact_form..." method="post">

    Instead, you could just as easily insert this code into the page:

    <form action="https://..." id="si_contact_form..." method="post">

    The only difference is that the first uses HTTP and the second uses HTTPS. If you add a configuration setting in the administrative back end, the administrator can decide which protocol to use for each form.

    Does that sound doable?

    Best wishes,

    Fred

    P.S. Here are some high-traffic examples: Facebook, Twitter, and LinkedIn all have login forms on their home pages, but none of the home pages use HTTPS. Even so, all the logins are secure because the form actions use HTTPS to post the data. Using HTTPS on the whole page is overkill — for security, only the form needs to use HTTPS. That’s what I’d like to do with your contact form.

    Yes I can make a setting for that.

    Thanks, Mike! This new security feature will be one more in a long list of strong selling points for your hugely popular plugin. Much appreciated! -Fred

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘[Plugin: Fast Secure Contact Form] Feature Request: Submit Form with HTTPS’ is closed to new replies.