We're evolving to serve you better! This current forum has transitioned to read-only mode. For new discussions, support, and engagement, we've moved to GitHub Discussions.

e-mail form marks your website “potentialy unsecure” with chrome

  • #11713
    Avatar photo[anonymous]

    When making a basic <a href mailto …, ,there id no problem.

    But when you want to make an advanced form, you are markes instantaneousely from the browser side as “possibely unsecure”; when you push the submit button you get to a specific chrome webpage saying “do not send your  data on this web site”.

    As soon as yo remove the code, it goes away !

    And it doesn t do it localy when testing.

    <form action=”” method=”GET”>
    <p align=”left”>
    <input type=”hidden” name=”subject” value=””>
    <label for=”reason”>je vous contact concernant :</label>
    <select name=”body” id=”reason”>
    <option value=

    Avatar photo[anonymous]

    Hey there! I’ve hosted a few forms on my Publii sites using Formsubmit and haven’t encountered this issue.

    What form processor/app are you using to manage your forms?

    Is the website live? If so, could you share a link (with the form) so that people can inspect it on their browsers?

    What is the exact text that Chrome is giving you? Could you share a screenshot (I understand French, so it’s ok if it’s not English)?

    Avatar photo[anonymous]

    bobee tried to pass a form to the user’s mail program using a registered link handler (mailto).

    This link handler has been defined as insecure because the security of the data transferred cannot be guaranteed.

    If an attempt is made to switch from a secure context (https) to an insecure context, an error message will appear.

    That’s why it also works locally, because file is not considered a secured context. Same with http (without s).

    This is intentional and as candidexmedia already mentioned, you should use a form processor.

    Avatar photo[anonymous]

    Hi there,

    thanks for your very helpfull answers.

    I guess you mean by for mprocessor, having  some code on my serber like PHP and post it to it ?

    Or use google form ?

    I wanted to have a more directe way, it is sade I cannot fill an email with a form… For now I have done butons with mailto.

    You can check my site “compass financement” on google

    Avatar photo[anonymous]
    [anonymous] wrote:

    I guess you mean by for mprocessor, having some code on my serber like PHP and post it to it ?

    There are a number of form receivers / forwarders / processors for static sites. You’re not just limited to Google Forms (which don’t match your site’s aesthetic) or mailto: links (which expose your email to scrapers and crawlers).

    These options have been documented on this very forum:

    CSS-Tricks has a fantastic comparison table with all the options, although the article is a bit outdated: A Comparison of Static Form Providers.

    You can choose from Netlify Forms, Formspree, Jotform, Formcarry, Getform, Formcarry, Smartforms, Typeform, etc. Aternativeto is great place to find more options if you’re still on the hunt.

    As mentioned in a previous reply, I’ve been using Formsubmit for a while now and have no complaints. You create a regular HTML form, and instead of setting the action to your email, you set it to their link (there’s even an email masking option). When someone fills out the form, the email is sent to you directly, and there are no limits on submissions.

    Besides that, Tally is another that some have used. I’ve tested it locally, and although the free version doesn’t allow for custom CSS, it has some pretty solid features like an e-signature field and payment collection.

    Otherwise, Airtable and nocodb (open source) are other great options for a slightly nicer looking Google Forms experience.

    If you’re still keen on using a mailto link, give mailgo a look (demo)