Extensions Guidelines - Data received over AJAX

Hello guys, reading the Guidelines & Policies, one of the point states the following: “Do not inject directly into the DOM any data obtained dynamically over AJAX (e.g., JSON is fine, HTML is not).”

In my case, I send a request to a RESTful API which is hosted on my server. After performing some tasks, the server builds a string with the HTML code which is returned back to the front-end, if the call completed succesfuly then I do something like: var target = $("#container"); target.html(responseFromServer);

That is not allowed right? Should I instead send the data as JSON and “inject / create” the HTML on the fly in javascript?



The direct usage of any HTML received via calls to your EBS is not allowed.

Just - as you stated you stated yourself - send the actual data, like a message, in the response and add any HTML for formatting in the JS processing the response.

1 Like

Thank you Hellcat, much appreciated! :smiley:

Sorry for the double post.

What about for some tags that I need to be sent by the server? For example, the description of some objects I send to the front-end are retrieved from the database and that description contains some HTML code and change the data from the database would be really bad, will be this a problem?

Edit: Changed the question since the “problem” isn’t the server itself but the database.


Just a tip and forgive my horrible english kkk :tired_face:

Usually there are some conventions on how to manipulate the DOM, there are also frameworks that remove the Responsibility of the Developer to manipulate the DOM directly, there are several good and interesting examples, React, Vue, Angular, Ember and etc.
When you have a time it is worth to understand the proposals of these tools

obs: First of all, learn the vanilla javascript correctly.

Any questions just post here :slight_smile:

See also this duplicate post on the same subject for some notes:

1 Like

Barry, thank you very much for taking the time to search for that post and answering here. That’s exactly what I wanted to know!