Are all illegal functions. Instead one should be making use of
There are two posts on the topic
However both of them are out of date as they reference custom builds of jQuery. As of jQuery 2.0 you don’t need to use these tricks to get jQuery to work. However I did find that the latest angular still had an issue. In the final line of angular some styling information is injected onto the page.
As you can see this just uses an append. Now append typically just calls appendChild which is permitted by WinJS. I still found it to be an issue, perhaps because we’re appending a child with properties instead of a child with properties set with setAttribute. I solved it by using the execUnsafeLocalFunction method in WinJS. This overrides the security restrictions for the function passed in as an argument. I was confident the angular code was not going do harm so I felt okay about using this. In general I would take the time to rewrite the code to be more secure.