Every Click & Pledge payment form, whether it uses a standalone URL or is embedded into your website using an iframe code, is secured with the HTTPS protocol. In addition, if you embed a payment form on your page, your page must be secured
Beginning in July 2018 (Chrome 68.0), Google Chrome Google Chrome marks webpages as Not Secure, if:
- Your website's domain is not secured (HTTPS).
- Elements on the page are not hosted on a secure server, including:
- Lightboxes/Overlays
- CSS
- Scripts
- Iframes
What do I need to know?
- If you use Direct Link for your forms, you don't need to do anything. Each standalone CONNECT form uses a secure (HTTPS) domain.
- If you publish using any of the other options: inline iframe, overlay, or Wordpress plugin, the page where you are embedding the form must be on a secure (HTTPS) webpage.
I have embedded an iframe form into an unsecure (HTTP) webpage. What do I need to do?
Google's developers have provided directions to securing your website domain and iframed donation forms.
I have embedded all my iframe forms into secure (HTTPS) webpages. What else do I need to do?
A secure page shows a closed lock next to the URL. If you see this message:
Contact your system administrator, IT manager, or Web developer to secure your website and donation forms. While we can't change your domain security for you, our Support team is happy to answer any other questions you might have about our donation forms' security.