Not quite sure if this fits in this Forum.

In some custom Javascript code on our WC site, an operation (Punchout Login) is failing due to deprecated HTTP programming. This is due to tightening up security issues with older language constructs.

These changes were announced back in the 2nd half of 2020 and will be a part of all Chrome-based browsers, which includes the latest version of Edge.

I'm not sufficiently familiar with WC to identify instances of deprecated HTTP. But, I was interested in how the framework has adapted, if needed, to these changes.

Here's a link to the changes as they appear in Edge.

Site compatibility-impacting changes coming to Microsoft Edge - Microsoft Edge Development | Microsoft Docs

https://docs.microsoft.com/en-us/microsoft-edge/web-platform/site-impacting-changes#:~:text=Site%20compatibility-impacting%20changes%20coming%20to%20Microsoft%20Edge%20,a%20su%20...%206%20more%20rows

Got a partial answer from another current thread to which Rick responded with a white paper: https://www.west-wind.com/wconnect/weblog/ShowEntry.blog?id=937

TLS 1.2 support is provided by the operating system and WC utilizes a wrapper to access that.

Interested in how WC has addressed the other issues noted in the links to Chrome/Edge security changes coming down the pike.

These aren't issues that directly need to be addressed by Web Connection, but by your application. Mostly this is concerning same site cookies.

In version 7 there have been changes to the default way that cookies are created for session cookies to follow the stricter guidelines. AFAIK, these are safe for same site cookie usage and work across all chromium browsers without warnings. Older applications need to update their cookie settings manually or update to a more recent version of Web Connection for automatic updates.

+++ Rick ---