13 results found
-
Support for Including File Attachments in Optimizely Forms Submission Emails
By default, Optimizely Forms do not send uploaded files as attachments in submission emails. Instead, the system provides links to the files stored in the Optimizely asset library. These links are only accessible to CMS-authenticated users, which limits their usability for external recipients.
Custom Enhancement Possibility:
It is currently possible to customize the SendEmailAfterSubmissionActor to include file attachments, as demonstrated in this community blog post: https://world.optimizely.com/blogs/kennyg/dates/2025/8/sending-email-with-attachments-with-optimizely-forms-in-2025/However, as stated in this blog post, this requires duplicating built-in logic, since SendEmailAfterSubmissionActor does not expose an integration point that allows developers to hook in and add attachments to the message.
Proposed Improvement:…
4 votes -
The email field in a created Form should be marked as type="email" for accessability
When an editor creates a form with an email field, the field should be marked as type="email" to support the new accessability laws.
1 vote -
Multiple file upload
Description:
The client has requested an enhancement to the existing form functionality on the Anglian Water site hosted on Optimizely DXP. The new feature should allow users to:Upload multiple files in a single form submission.
View a list of all uploaded files before submitting the form.Acceptance Criteria:
Users can select and upload multiple files simultaneously.
Uploaded files are displayed in a preview list with file names and sizes.
Users can remove files from the list before submission.
Validation for file types and size limits is enforced.Could you please implement the functionality with support for CMS 11?
We…1 vote -
Make the Salesforce Marketing Cloud (ExactTarget plugin work for multiple Business Units
Problem
We are using the Plugin in Optimizely CMS to easily connect Optimizely Forms to Salesforce Marketing Cloud Data Extensions. This works very well when the user that's used to configure the connector only has access to 1 Business Unit (MID in Salesforce. However, as I understand from Salesforce, many customers work with instances that have multiple Business Units. This means that from Salesforce stand point, you need to provide to which Business Unit you want to connect when authenticating, but the plugin does not provide a means to specify this. To solve this, we now had to create multiple…1 vote -
Enable selection of datetime format on DateTime block in EPiServer.Forms
The current implementation of the DateTime element (found in the EpiServer.Forms.Samples package appears to be insufficient.
In the DateTimeElementBlock.js file, the logic used to determine the language format relies on the browser's language settings. However, this approach fails, as many Danish users have their browsers set to English (US by default, resulting in the language code en-US. This causes the jQuery date picker to display the wrong date format.
var _utilsSvc = epi.EPiServer.Forms.Utils,
language = navigator.language || navigator.userLanguage, // on iOS naviagtor.language is in lower case (ex: en-us
dateFormatSettings = epi.EPiServer.Forms.Samples.DateFormats[language.toLowerCase(] || epi.EPiServer.Forms.Samples.DateFormats["en-us"],
dateFormat = dateFormatSettings.pickerFormat;
A better solution would…2 votes -
No error display when form submit not successful
We want to use Marketing automative Salesforce connector for Optimizely CMS(Customer Management System form to connect with our Salesforce platform.
But we find out there are no submission failure show up on CMS interface, only recording the submit data in "form submission" dropdown.
This is unhelpful and not user-friendly for CMS user, developers, and infrastructure people. We cannot track/ debug/ get notice when form is submitting unsuccessful when Salesforce end shows data field mapping error.
There's no way every-time we have to login application insights, and search for request unsuccessful/ view live log stream. Please add the error notice, error…1 vote -
[Feature request] Display forms in 'For This Site' and 'For This Page' sections when creating an EpiServer Forms criteria under Audiences
Dear Team,
Currently, when setting up EpiServer Forms criteria in Audiences, we can only select forms listed under the 'For All Sites' section. However, our business also requires the use of forms from the 'For This Site' and 'For This Page' sections.
It would be helpful if future releases could include this feature.
Thanks!
Best regards,
Lisa2 votes -
1 vote
-
EPiServer.Forms.Samples uses out of data JQuery.UI with known vulnerabilities
One of our customers is using the EPiServer.Forms.Samples library, mostly to facilitate content gating with the Forms Visitor Groups. During a recent penetration test the following was reported:
We also observed the use of a known vulnerable version of jquery-ui at /Util/EPiServer.Forms.Samples/jquery-ui/jquery-ui.js which is known to have the following vulnerabilities
CVE-2022-31160 (https://nvd.nist.gov/vuln/detail/CVE-2022-31160 : XSS when refreshing a checkboxradio with an HTML-like initial text label
Recommendation
Use the latest versions of the dependencies where possible. If it is not possible to update these, ensure the vulnerable components are not used.
There does not appear to be an equivalent of the…3 votes -
Missing autocomplete-attribute in Forms module
In the Forms module we are missing the possibility of setting the autocomplete-attribute, and therefore WCAG 1.3.5 is broken. Will this be fixed in a future update of Forms?
2 votes -
Make EpiServer Forms compatible with Content Security Policy (without 'unsafe-*'
Content Security Policy (CSP (https://developer.mozilla.org/en-US/docs/Glossary/CSP is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS (https://developer.mozilla.org/en-US/docs/Glossary/XSS and data injection attacks. These attacks are used for everything from data theft to site defacement to distribution of malware.
Current version of EpiServer Forms is not compatible with Content Security Policy (without 'unsafe-*'.
This requires us to change EpiServer Form Element to follow directives from our IT-Security apartment.
Please remove/replace all inline CSS and Javascript required to run EpiServer Forms.
Documentation:
https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/default-src34 votes -
Language translation of email contents in Episerver Forms
As a an editor I would like to translate the contents regarding "Send email after form submission" on the "Settings" tab in order to send e-mails with the correct language to end users, especially with regards to subject and message. This is not currently possible since this list-property is not culture specific.
2 votes -
Add activity logging into Form Submissions for EpiServer Forms
As GDPR administrator i would like to know who was viewing, editing data that has been sent via EpiServer Forms. This is why all actions such:
- display form submissions
- download form submissions report
- deleted submitted data
in Form Submissions panel should be tracked, like for all other types of content.6 votes
- Don't see your idea?