How to Embed a Form on an External Website

Zapof Forms protects your IFRAME from Clickjacking attack. Without the Clickjacking protection, the attacker can embed your form into the attacker's site and add a transparency layer on top of the form. If the user clicks the submit button, she/he may click on a layer that belongs to the attacker. The attacker "hijacks" the clicks meant for the form and route them to another page. Zapof Forms will only display the form on your website when you provide the domain name of your website that serves the webpage where you embed the IFrame.

To embed a form as an IFRAME to your website:
  1. While you are editing the form, click the ‘Share’ button.
  2. Enter the domain name of your website (without https) such as
    - If your website also uses naked domain, such as, please enter both domains with and without www.
    - If you use sub-domains to serve the web pages where the IFrame is, include all sub-domains separated with commas, such as,,,
    - If your website is non-secure (http), include the http protocol, such as
  3. Click the ‘Show Code.’ button.
  4. Click the ‘Copy Code to Clipboard.’ button.
  5. Paste the code on your website page editor.

Built using Zapof