Purpose of the UI script should not use DOM Manipulation

MR1
Tera Contributor

‎01-29-2023 10:16 AM

 

Spoiler
 

Hi,

 

 

I would like to know the purpose of the UI Script should not use DOM Manipulation. We have couple of script on the table check(scan_table_check) table. 

 

UI scripts should not use DOM manipulation - Can we remove them or is there any impact.?

(function (finding, current) {
	var regex = /gel\s*\(|[\s\w\d]document\.[a-zA-Z]+|\.onchange\s*\(|\.onclick\s*\(|\$.+?\s*\(|Event\.|jQuery\s*\(/g;

	var scriptValue = current.getValue("script") || "";
	var matches = scriptValue.match(regex);

	if (matches) {
		matches.forEach(function(match) {
			finding.increment();
		});
	}
})(finding, current);

Thanks

0 Helpfuls
  • 713 Views
4 REPLIES 4

newhand
Mega Sage

‎01-29-2023 07:18 PM

Hi @MR1 

I think when your instance get updated, the ui script with dom manipulation may not work on the newer version.

So, Snow doesn't suggest to use dom manipulation.

 

 

Please mark my answer as correct and helpful based on Impact.
0 Helpfuls

Tony Chatfield1
Kilo Patron

‎01-29-2023 07:33 PM

Hi, unfortunately your question\issue is not clear and your post doesn't indicate if your script is OOB or custom?

As the community does not have visibility of your instance configuration, it is not possible for anyone to assess the impact of any changes you intend to make. As a rule of thumb DOM manipulation is not best practice for customizations.
If the code\script is OOB then you should not delete it and unless you are sure that it will not impact your instance then you should not set it inactive.
For custom code that is no longer used I would not delete but instead set inactive.

 

0 Helpfuls

MR1
Tera Contributor
In response to Tony Chatfield1

‎01-29-2023 07:56 PM

Thanks for your response!

This believe that's a custom UI scripts "UI scripts should not use DOM manipulation" because it was created by some other developer. When I compared with my PDI instance, I didn't find this script in my personal developer instance.

However, one thing is confusing me is that, it has a protection policy of "read only". Not sure what this script is doing. This script is on "scan_finding" table. 

 

Thanks

0 Helpfuls

Tony Chatfield1
Kilo Patron
In response to MR1

‎01-29-2023 08:22 PM

Hi, you state that This script is on "scan_finding" table.  but UI Scripts do not have a table configured against them OOB .

/sys_ui_script_list.do?sysparm_query=&sysparm_view=

but it does look like a 'Table Checks' script
IE it is populated in the table 'scan_table_check' not  sys_ui_script ?

 

'Table Checks' are a component of Instance scan

Instance Scan (servicenow.com)

Create a table type check (servicenow.com)

and it seems that the code is simply checking a table (possibly 'sys_script_client') for values that might indicate DOM manipulation.
There would be no impact to BAU functionality from disabling this table check, other than the table check would no longer run\report results.