setting innerHTML with a script inside [duplicate]

Answer 1

It is always best to use create the elements and append them rather than straight inserting any html using innerhtml.

You can use read more about it here: https://www.owasp.org/index.php/DOM_based_XSS_Prevention_Cheat_Sheet

This fragment works:

var newScript = document.createElement( "script" );
newScript.type = 'text/javascript';
var scriptContent = document.createTextNode( "googletag.cmd.push( function() { googletag.display( '" + encodeURIComponent( divID ) + "' ); } );" ); 
newScript.appendChild( scriptContent ); 

Here is the example in action: https://jsfiddle.net/BrianLayman/4nu667c9/