Document Object Model (DOM) manipulation in Client Scripts

Impact area

Manageability

Severity

High

Affected element

Client Scripts

Widget

Widget Angular Provider

Rule ID

SN-0019

Impact

This customization technique gives a lot of control, but does frequently cause upgrade challenges. It is recommended not to use jQuery, PrototypeJS, gel and other techniques.

Remediation

Avoid Document Object Model (DOM) manipulation if possible. It can cause a maintainability issue when the instance is updated. The only exception is when you are in charge of the DOM: in UI Pages, and the Service Portal. Instead, use the GlideForm API or consider a different approach for the solution. In general, when using DOM manipulation methods, you have to reference an element in the DOM by id or using a CSS selector. When referencing out-of-box DOM elements, there is a risk that the element ID or placement within the DOM could change thus causing the code to stop working and/or generate errors. If DOM manipulation is done, it needs to be done with forethought, caution, and a full understanding of the risk you are incurring. Review these objects and reduce the use of DOM manipulation methods as much as possible.

Time to fix

50 min




Last modified on Jun 9, 2020