MS Code review clarification on document.getElementById in html

The issue:

·         The MS code review flagged this line: “The call accesses the HTML document object model (DOM) directly. This technique is unsupported. Remove or replace with a supported API provided in the client object model or employ a different technique.”

·         This happens because in certain contexts (like Power Apps, Dynamic 365, or other Microsoft platforms), direct DOM manipulation (document.getElementById, document.querySelector, etc.) is not recommended or supported.

·         Instead, Microsoft wants developers to use their client APIs (like Xrm in Dynamic 365, or PCF control APIs in Power App).

Why?

·         Direct DOM access can break if Microsoft updates their platform UI.

·         DOM IDs/classes may change, and your code will break since it depends on internal HTML structure.

·         Using official client APIs makes your solution more stable and supported long-term.

Can this be false positive?

·         If you are working in a standalone web app (not inside Dynamics/Power Apps or similar), then yes document.getElementById is completely fine and supported in browsers.

·         But if your HTML/JS is used as a web resource inside Microsoft environments, then it’s not a false positive. Microsoft requires you to use their APIs instead of touching the DOM directly.

Summary:

·         If you are building a normal web app-> safe to ignore, this is a false positive.

·         If you are inside Microsoft environments (Dynamic, Power Apps, etc.) -> you should avoid document.getElementById and instead use the supported client API for interacting with forms or UI elements.

Let me know if you need any further help with this. We'll be happy to assist.

If you find this helpful, please mark this as answered.