At Loud Interactive, we've identified that the URL employs HTTPS yet hosts a form with an action set to a non-secure HTTP endpoint.
Why is this important?
Securing communication via HTTPS is crucial as it ensures the information sent between the client and server is encrypted. A form action pointing to an HTTP URL compromises this security, leading to potential data breaches.
Common browsers alert users with a security notification when they're about to submit information through an unsecured HTTP connection.
What does the Optimization check?
Loud Interactive's Optimization activates if it detects an HTTPS page containing a form that submits data to an unencrypted HTTP address.
Examples that trigger this Optimization:
A page such as https://example.com/secure-page would trigger this Optimization if it includes HTML like:
Form submitting to an HTTP URL with POST method:
<form action="http://example.com/process.php" method="POST"></form>
Form with no method attribute posting to an HTTP URL:
<form action="http://example.com/process.php"></form>
Form with GET method submitting to an HTTP URL:
<form action="http://example.com/process.php" method="GET"></form>
Form with POST method submitting to an HTTP URL using single quotes:
<form action='http://example.com/process.php' method='POST'></form>
Form with GET method posting to an HTTP URL with no quotation marks:
<form action=http://example.com/process.php method=GET></form>
How do you resolve this issue?
To secure the data transfer, update the form's action attribute to use an HTTPS URL, guaranteeing data encryption during transmission.