Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

JavaScript runtime error: Unable to add dynamic content

Tags:

javascript

windows-8

microsoft-metro

I'm making a javascript metro app and have some code like this:

    <script>
       document.writeln(foo());//this line is trouble
    </script>

and when I tried to run, it gave me a rather long error:

Unhandled exception at line 20, column 9 in ms-appx://a375ffac-3b69-475a-bd53-ee3c1ccf4c4e/default.html

0x800c001c - JavaScript runtime error: Unable to add dynamic content. A script attempted to inject dynamic content, or elements previously modified dynamically, that might be unsafe. For example, using the innerHTML property to add script or malformed HTML will generate this exception. Use the toStaticHTML method to filter dynamic content, or explicitly create elements and attributes with a method such as createElement. For more information, see http://go.microsoft.com/fwlink/?LinkID=247104.

How can I get around this?

like image 599
Chin Avatar asked Jan 23 '13 02:01

Chin

2 Answers

regarding to the docs I would try :

document.writeln(window.toStaticHTML(foo()));
like image 22
Dr.Molle Avatar answered Sep 21 '22 10:09

Dr.Molle

Windows 8 restricts the content you can set through innerHTML and Writeln, because it's considered unsafe...

The correct way to add content is:

// The untrusted data contains unsafe dynamic content
var unTrustedData = "<img src='http://www.contoso.com/logo.jpg' on-click='calltoUnsafeCode();'/>";

// Safe dynamic content can be added to the DOM without introducing errors
var safeData = window.toStaticHTML(unTrustedData);

// The content of the data is now 
// "<img src='http://www.contoso.com/logo.jpg'/>" 
// and is safe to add because it was filtered
document.write(safeData);

If your code has some javascript, you can use this function (But microsoft dont recomend it):

MSApp.execUnsafeLocalFunction(function() {
    var body = document.getElementsByTagName('body')[0];
    body.innerHTML = '<div style="color:' + textColor + '">example</div>';
});

See at:

http://msdn.microsoft.com/en-us/library/windows/apps/Hh767331.aspx

For your case:

MSApp.execUnsafeLocalFunction(function() {
    document.writeln(foo());
});

Note that you should only do this if you understand your content is safe; if you don't, I would recommend using the toStaticHTML method.

like image 187
Bruno Croys Felthes Avatar answered Sep 20 '22 10:09

Bruno Croys Felthes
Sign in to Comment

Related questions

Getting img.src value (path name)
JavaScript network visualization?
How to get three month ago date in javascript in the format as YYYYDDMM efficiently
Backbone.js Security
JQuery.getJSON() reading a local file
Multiline string in div using javascript
What is the rationale behind the "var self = this" approach? [duplicate]
JavaScript Language Reference Manual [closed]
Javascript: DLNA client
Javascript new Array and join() method
how to pass a string value to webView from an activity
ExpressJS - Socket.IO with Route Separation
Prevent horizontal scroll in iOS WebApp
Poor JS/jQuery performance, particularly in IE9 and Firefox
Twitter Bootstrap Popovers and Tooltips on Listbox Option Elements showing in the wrong place
NaN in multiplication
What is the name of this? [duplicate]
Why is jquery event delegation not working?
Has anyone run into Sitecore removing JavaScript from the page editor?
JavaScript Object - Call without creating it (like Math object)

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!