I have an ASP.NET website. Very huge! The latest addition I’ve made, everything is

Question

0

Editorial Team

Asked: May 11, 20262026-05-11T06:38:54+00:00 2026-05-11T06:38:54+00:00

I have an ASP.NET website. Very huge! The latest addition I’ve made, everything is

0

I have an ASP.NET website. Very huge!

The latest addition I’ve made, everything is JavaScript/AJAX enabled.

I send HTML and JavaScript code back from the server to the client, and the client will inject the HTML into a DIV – and inject the JavaScript into the DOM using this:

$('<script type='text/javascript'>' + script + '</sc' + 'ript>').appendTo(document);

or this:

var js = document.createElement('script'); js.setAttribute('type', 'text/javascript'); js.text = script; document.appendChild(js);

On my own dev machine, the injected javascript is accessible and I’m able to execute injected JavaScript functions.

When I deploy to my test environment, )we have an internal domain name such as http://www.testenv.com) I get JavaScript errors.

I’ve tried to isolate the problem into a small page, where I inject alert(‘sfdfdf’); at the bottom of the page, and that works fine.

Is there any policy settings that prohibits this?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

score 0 · Answer 1 · 2026-05-11T06:38:55+00:00

2026-05-11T06:38:55+00:00Added an answer on May 11, 2026 at 6:38 am

Don’t appendChild to ‘document’; <script> can’t go there and you should get a HIERARCHY_REQUEST_ERR DOMException according to the DOM Level 1 Core spec. The only element that can go in the Document object’s child list is the single root documentElement, <html>.

Instead append the script to an element inside the document, such as the <body>.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I have an ASP.NET website. Very huge! The latest addition I’ve made, everything is

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply