I have a 3rd party desktop application. This application allows one to add extensions based on html, css and javascript. I have such extension and they work fine in the current installed version of the application.

We are now testing the next / new version of the application and the extensions all fail to work. the supplier isn't exactly being super helpful hence me coming here to ask for guidance. What the supplier did provide was this statement:

The old web browser component depending on the now retired IE11 view has been updated to use the Webview2 class from Microsoft Edge

So in essence the engine that runs the extensions was changed.

What I don't understand is why this leads to the extensions not working.

To explain further, by "not working" I mean that the ajax calls in the extensions fail, they aren't even getting run and always remain at status 0. The extension uses jquery but I also tried with plain JS and same result.

So something in webview2 is "blocking" these requests. I'm also not getting any errors or log files so I have no idea what is actually failing. Note that this is on the same machine it works on the old versions and the web service calls also work in postman on the same machine so a network problem can be ruled out. The issue is with webview2 and what it changes in regards to the old web component.

The old internal web service is http (no ssl). could that be the issue? CORS issue but why did it work before?

UPDATE:

it seems to be a CORS issue. setting env variable

WEBVIEW2_ADDITIONAL_BROWSER_ARGUMENTS to "--disable-web-security" makes the extensions work. of course this is not a viable solution but at least the issue clearly is CORS.

I changed the webserver to return following headers for the options call:

Access-Control-Allow-Origin *

Access-Control-Allow-Methods GET,OPTIONS

Access-Control-Allow-Headers *

but it still does not work when removing the above flag.

Any advice?