Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Om de ûnderfining foar jo te ferbetterjen is tydlik de funksjonaliteit dan dizze website troch ûnderhâldswurk beheind. Wannear in artikel jo probleem net oplost en jo in fraach stelle wolle, kin ús stipemienskip jo helpe yn @FirefoxSupport op Twitter en /r/firefox op Reddit.

Avatar for Username

Sykje yn Support

Mij stipescams. Wy sille jo nea freegje in telefoannûmer te beljen, der in sms nei ta te stjoeren of persoanlike gegevens te dielen. Meld fertochte aktiviteit mei de opsje ‘Misbrûk melde’.

Mear ynfo

Dizze konversaasje is argivearre. Stel in nije fraach as jo help nedich hawwe.

If the lock icon appears in the browser is it safe to assume that a PDF form will send my credit card information securely (over HTTPS)

  • 2 antwurd
  • 1 hat dit probleem
  • 8 werjeftes
  • Lêste antwurd fan DB

DB
DB
more options

If the lock icon appears in the browser is it safe to assume that a PDF form will send my credit card information securely (over HTTPS)? Or is the lock icon only relevant for HTML pages?

For that matter, does a lock icon also include the assurance that an HTML form will be posted securely?

If the lock icon appears in the browser is it safe to assume that a PDF form will send my credit card information securely (over HTTPS)? Or is the lock icon only relevant for HTML pages? For that matter, does a lock icon also include the assurance that an HTML form will be posted securely?

Alle antwurden (2)

jscher2000 - Support Volunteer
jscher2000 - Support Volunteer
  • Top 25 Contributor
more options

When you are on a secure page, and a form on the secure page is submitting to an insecure page, Firefox should display a warning and let you cancel the submit. (See attached.)

However, I don't know whether that applies to forms hosted in a plugin, such as Adobe Acrobat. I'm trying to think of a way to test that... (I do not have a version of Adobe that can create a PDF form)

Bewurke troch jscher2000 - Support Volunteer op

DB
DB Fraacheigener
more options

It appears that the Adobe PDF plugin does not give any warning about sending form data to an unencrypted URL (even if it is loaded via HTTPS) https://dl.dropbox.com/u/892408/sample-form-1.pdf

Firefox's built-in PDF preview does not support forms (as of Firefox 19), so that isn't an option either.

However I did notice that if you save the form and open it in the Adobe Reader application (instead of the plugin) it shows a confirmation dialog before sending form data. The confirmation dialog displays the URL so you can look for HTTPS in the URL (but Adobe does not check the integrity of HTTPS certificate).

As best I can tell, PDF forms are not a secure method of submitting credit card information since there is no simple way for the user to independently verify that the form contents will be encrypted before sending.