Trying to use jQuery with Windows 8 applications can lead to security exception

[fpintos2@…]

See repro in  http://stackoverflow.com/questions/10859523/using-jquery-with-windows-8-metro-javascript-app-causes-security-error/11909881#11909881

The "HTML1701: Unable to add dynamic content" error comes up when we try to create elements using, for example, $('<div>some html content<div>') and then trying to insert that element in the DOM.

I fixed this problem in my app by defining:

var toStaticHTML = window.toStaticHTML || function (s) { return s; };

and then updating all places that set innerHTML to call toStaticHTML.

For example:

div.innerHTML = "   <link/><table></table><a href='/a' style='color:red;float:left;opacity:.55;'>a</a><input type='checkbox'/>";

Became:

div.innerHTML = toStaticHTML("   <link/><table></table><a href='/a' style='color:red;float:left;opacity:.55;'>a</a><input type='checkbox'/>");

In my case we were using 1.4.4; I haven't tried with newer versions yet.

[rwaldron]

Of course we'd like to support windows 8 applications, but this recommended fix is unreasonable. Do you know of any way to run tests in the windows 8 app environment?

[dmethvin]

This appears to be the same issue that we fixed regarding CSP in #11249. OP, can you confirm that jQuery 1.8 no longer throws this error?

[fpintos2@…]

I've updated our code with jQuery 1.8 but the issue remains.

I've narrowed down the problem to the following minimal repro:

$(document).ready(function () {

var z = $('<form action=\"javascript:void(0);\"></form>'); $(document.body).append(z);

});

That 'action=\"javascript:void(0);\"' makes it fail; given that this is coming from our own code I'll just track down the owner of the offending line and see if we can remove that altogether, in which case things works as expected and we don't need to change jQuery. :-)

As for testing, I believe you need to write a test app that packages the unit test framework, the test scripts and the scripts being tested and then make its test framework be the default page. I did not see any JavaScript-based unit tests in VS2012RP specific to win8.

[dmethvin]

Yes, as you have observed we cannot fix this. You are breaking the rules in your own code.

We'd welcome any contributions you'd like to make in testing.