Skip to main content

Bug Tracker

Side navigation

#8919 closed bug (cantfix)

Opened April 19, 2011 03:45PM UTC

Closed April 19, 2011 07:11PM UTC

jQuery html member method malfunctions when using IE7/8/9 in high security settings

Reported by: Owned by:
Priority: low Milestone:
Component: manipulation Version: 1.5.2
Keywords: Cc:
Blocked by: Blocking:

To reproduce: Use IE 7/8/9 in High security mode for the Internet zone. Load the attached html file. You should be prompted with a warning about running the scripts on the page. Allow them to run and click the button on the page. This button invokes javascript which adds in another button and a select element. Click the newly created button to test that the javascript has loaded OK, it should pop up an alert. If you examine the attached html file, you'll see that I use the javascript "innerHTML" instead of the jQuery "html" method to do this. The jQuery "html" method adds in the content OK but the javascript does not execute. Stranger still, if you remote the option tag from the select element in the dynamic html content, the problem goes away. I wish I could provide a more concise example but unfortunately this is the best I can do.

Attachments (0)
Change History (2)

Changed April 19, 2011 03:50PM UTC by comment:1

Hmmm, I can't seem to attach a file, I'll just paste it in here:



<script type="text/javascript" src=""></script>


function dynamicContent()


var data = '<div><select> <option>Option Entry</option> </select> <input type="button" value="Test dynamic content alert" onclick="Javascript:alert(\\'content loaded successfully\\')"></div>' ;

document.getElementById("ajaxPanel").innerHTML = data ; /* this works */

/*$("#ajaxPanel").html(data); this doesn't */





<input type="button" value="Invoke dynamic content..." onclick="javascript:dynamicContent()">

<div id="ajaxPanel">




Changed April 19, 2011 07:11PM UTC by timmywil comment:2

component: unfiledmanipulation
priority: undecidedlow
resolution: → cantfix
status: newclosed

IE is pretty insane with its security modes sometimes. I don't think this is something we can fix reliably as we don't have control over what IE decides is insecure. Besides, innerHTML does not seem to work for me either in the highest security mode: