I’ve got a security question. Is there a way to hide the form fields completely. The CSS class “gf_hidden” hides the fields from the front-end but they are still visible in DevTools. This way it is easy for somebody to alter the input of a hidden field. This is problematic, because those hidden fields are used in a automatically generated PDF. I hope you guys have a solution. Thank you in advance.
UPDATE: Even if you alter the input of the field in the DOM (DevTools) then the field isn’t modified in the end. But it’s still important to hide the HTML field completely, so the information is not viewable in DevTools.
If you do not want the information available in the source of the page or in the browser developer console, you can use Administrative visibility fields. Those are only available in the form admin, not when the page is rendered on screen.
It would be nice if the HTML fields had an admin visibility option. I use the HTML fields to store my GravityPDF buttons for the form and I only want to display them after the form is submitted. Also a store a custom Print Button in the html field that triggers a ajax call to mark the order as printed.
Currently, I use conditional logic to hide them but, if a validation error is triggered they become visible.
Hi Shawn. Can you send a link to the page on your site where we can see that form? I’m trying to envision how the HTML field which was hidden by conditional logic will become visible after a validation error. I’d like to see it if you can share it. Thank you.
The condition logic on my HTML fields is on a dropdown field called “Exported” values are " ", “yes” and “no”. The Exported dropdown has a default value of “No” and is not available to the user. The conditional logic on the HTML blocks is show if “Exported” value is not " ".
Screen 1:
The html blocks on the side of the page, flash (display) when a validation error occurs. They are noticeable to the users but they do hide again.
Can you share the URL to the page on your site where we can see the form, or can you export the form and send the JSON exported form file to me at chris@rocketgenius.com?
Hi Shawn. I was testing your form. Can you try disabling the option on the Form Settings page for “Animated transitions”? You currently have that checked. Can you try that unchecked and see if you experience the same thing?
So your initial form might ask 5 generic “no security impact to see them” questions, and then a different set of user input steps could be displayed for follow-up action depending on the values selected. If you need to add another layer of granularity/security, our Form Connector extension’s update an entry step can allow you to map data from or into other entries.
