Povratne informacije Uredi

Runtime Changes for Migration from .NET Framework 4.6.2 to 4.8

  • Članak
  • 15 min. za čitanje

If you are migrating from the .NET Framework 4.6.2 to 4.8, review the following topics for application compatibility issues that may affect your app:

ASP.NET

ASP.NET Fix handling of InputAttributes and LabelAttributes for WebForms CheckBox control

Details

For applications that target .NET Framework 4.7.2 and earlier versions, CheckBox.InputAttributes and CheckBox.LabelAttributes that are programmatically added to a WebForms CheckBox control are lost after postback. For applications that target .NET Framework 4.8 or later versions, they are preserved after postback.

Suggestion

For the correct behavior for restoring attributes on postback, set the targetFrameworkVersion to 4.8 or higher. For example:

<configuration>
<system.web>
<httpRuntime targetFramework="4.8"/>
</system.web>
</configuration>
Setting it lower, or not at all, preserves the old incorrect behavior.

Name Value
Scope Unknown
Version 4.8
Type Runtime

Affected APIs

ASP.NET Incorrect multipart handling may result in lost form data.

Details

In applications that target .NET Framework 4.7.2 and earlier versions, ASP.NET might incorrectly parse multipart boundary values, resulting in form data being unavailable during request execution. Applications that target .NET Framework 4.8 or later versions correctly parse multipart data, so form values are available during request execution.

Suggestion

Starting with applications running on .NET Framework 4.8, when targeting .NET Framework 4.8 or later by using the targetFrameworkVersion element, the default behavior changes to strip delimiters. When targeting previous framework versions or not using targetFrameworkVersion, trailing delimiters for some values are still returned.

This behavior can also be explicitly controlled with an appSetting:

<configuration>
<appSettings>
...
<add key="aspnet:UseLegacyMultiValueHeaderHandling"  value="true"/>
...
</appSettings>
</configuration>
Name Value
Scope Unknown
Version 4.8
Type Runtime

Affected APIs

ASP.NET ValidationContext.MemberName is not NULL when using custom DataAnnotations.ValidationAttribute

Details

In .NET Framework 4.7.2 and earlier versions, when using a custom System.ComponentModel.DataAnnotations.ValidationAttribute, the ValidationContext.MemberName property returns null. In .NET Framework 4.8 version prior to the October 2019 update, it returns the member name. Starting with .NET Framework October 2019 Preview of Quality Rollup for .NET Framework 4.8, it returns null by default, but you can opt in to return the member name instead.

Suggestion

Add the following setting to your web.config file for the property to return the member name in .NET Framework October 2019 Preview of Quality Rollup for .NET Framework 4.8 and later versions:

<configuration>
<appSettings>
...
<add key="aspnet:GetValidationMemberName"  value="true"/>
...
</appSettings>
</configuration>
In .NET Framework 4.8 version prior to the October 2019 update, adding this to your web.config file restores the previous behavior and the property returns null.

Name Value
Scope Unknown
Version 4.8
Type Runtime

Affected APIs

Core

.NET COM successfully marshals ByRef SafeArray parameters on events

Details

In .NET Framework 4.7.2 and earlier versions, a ByRef SafeArray parameter on a COM event would fail to marshal back to native code. With this change, the SafeArray is now marshalled successfully.

  • [ x ] Quirked

Suggestion

If properly marshalling ByRef SafeArray parameters on COM Events breaks execution, you can disable this code by adding the following configuration switch to your application config:

<appSettings>
  <add key="Switch.System.Runtime.InteropServices.DoNotMarshalOutByrefSafeArrayOnInvoke" value="true" />
</appSettings>
Name Value
Scope Minor
Version 4.8
Type Runtime

Affected APIs

Not detectable via API analysis.

.NET Interop will now QueryInterface for IAgileObject (a WinRT interface)

Details

When using a WinRT event with a .NET delegate, Windows will QI for IAgileObject starting with .NET Framework 4.8. In previous versions of .NET Framework, the runtime would fail that QI, and the event could not be subscribed.

  • [ x ] Quirked

Suggestion

If enabling the QI for IAgileObject breaks execution, you can disable this code by setting the following configuration.

Method 1: Environment variable

Set the following environment variable: COMPLUS_DisableCCWSupportIAgileObject=1

This method affects any environment that inherits this environment variable. This might be just a single console session, or it might affect the entire machine if you set the environment variable globally. The environment variable name is not case-sensitive.

Method 2: Registry

Using Registry Editor (regedit.exe), find either of the following subkeys:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework
  • HKEY_CURRENT_USER\SOFTWARE\Microsoft.NETFramework

Then add the following entry:

Name: DisableCCWSupportIAgileObject Type: DWORD (32-bit) value (also called REG_DWORD) Data: 1

You can use the Windows REG.EXE tool to add this value from a command line or scripting environment. For example:

reg add HKLM\SOFTWARE\Microsoft.NETFramework /v DisableCCWSupportIAgileObject /t REG_DWORD /d 1

In this case, HKLM is used instead of HKEY_LOCAL_MACHINE. Use reg add /? to see help on this syntax. The registry value name is not case-sensitive.

Name Value
Scope Edge
Version 4.8
Type Runtime

Affected APIs

Not detectable via API analysis.

Allow Unicode in URIs that resemble UNC shares

Details

In System.Uri, constructing a file URI containing both a UNC share name and Unicode characters will no longer result in a URI with invalid internal state. The behavior will change only when all of the following are true:

  • The URI has the scheme file: and is followed by four or more slashes.
  • The host name begins with an underscore or other non-reserved symbol.
  • The URI contains Unicode characters.

Suggestion

Applications working with URIs consistently containing Unicode could have conceivably used this behavior to disallow references to UNC shares. Those applications should use IsUnc instead.

Name Value
Scope Edge
Version 4.7.2
Type Runtime

Affected APIs

Support special relative URI notation when Unicode is present

Details

Uri will no longer throw a NullReferenceException when calling TryCreate on certain relative URIs containing Unicode. The simplest reproduction of the NullReferenceException is below, with the two statements being equivalent:

bool success = Uri.TryCreate("http:%C3%A8", UriKind.RelativeOrAbsolute, out Uri href);
bool success = Uri.TryCreate("http:è", UriKind.RelativeOrAbsolute, out Uri href);

To reproduce the NullReferenceException, the following items must be true:

  • The URI must be specified as relative by prepending it with 'http:' and not following it with '//'.
  • The URI must contain percent-encoded Unicode or unreserved symbols.

Suggestion

Users depending on this behavior to disallow relative URIs should instead specify UriKind.Absolute when creating a URI.

Name Value
Scope Edge
Version 4.7.2
Type Runtime

Affected APIs

Runtime

Improved WCF chain trust certificate validation for Net.Tcp certificate authentication

Details

.NET Framework 4.7.2 improves chain trust certificate validation when using certificate authentication with transport security with WCF. With this improvement, client certificates that are used to authenticate to a server must be configured for client authentication. Similarly server certificates that are for the authenticating a server must be configured for server authentication. With this change, if the root certificate is disabled, the certificate chain validation fails. The same change was also made to .NET Framework 3.5 and later versions via Windows security roll-up. You can find more information here.This change is on by default and can be turned off by a configuration setting.

Suggestion

  • Validate if your server and client certification has the required EKU OID. If not, update your certification.

  • Validate if your root certificate is invalid. If so, update the root certificate.

  • If you can't update the certificate, you can work around the breaking change temporarily with the following configuration setting. However, opting out of the change will leave your system vulnerable to the security issue.

    <appSettings>
  <add key="wcf:useLegacyCertificateUsagePolicy" value="true" />
</appSettings>
Name Value
Scope Minor
Version 4.7.2
Type Runtime

Affected APIs

Not detectable via API analysis.

Security

RSACng and DSACng are once again usable in Partial Trust scenarios

Details

CngLightup (used in several higher-level crypto apis, such as System.Security.Cryptography.Xml.EncryptedXml) and System.Security.Cryptography.RSACng in some cases rely on full trust. These include P/Invokes without asserting SecurityPermissionFlag.UnmanagedCode permissions, and code paths where System.Security.Cryptography.CngKey has permission demands for SecurityPermissionFlag.UnmanagedCode. Starting with the .NET Framework 4.6.2, CngLightup was used to switch to System.Security.Cryptography.RSACng wherever possible. As a result, partial trust apps that successfully used System.Security.Cryptography.Xml.EncryptedXml began to fail and throw SecurityException exceptions.This change adds the required asserts so that all functions using CngLightup have the required permissions.

Suggestion

If this change in the .NET Framework 4.6.2 has negatively impacted your partial trust apps, upgrade to the .NET Framework 4.7.1.

Name Value
Scope Edge
Version 4.6.2
Type Runtime

Affected APIs

Web Applications

"dataAnnotations:dataTypeAttribute:disableRegEx" app setting is on by default in .NET Framework 4.7.2

Details

In .NET Framework 4.6.1, an app setting (&quot;dataAnnotations:dataTypeAttribute:disableRegEx&quot;) was introduced that allows users to disable the use of regular expressions in data type attributes (such as System.ComponentModel.DataAnnotations.EmailAddressAttribute, System.ComponentModel.DataAnnotations.UrlAttribute, and System.ComponentModel.DataAnnotations.PhoneAttribute). This helps to reduce security vulnerability such as avoiding the possibility of a Denial of Service attack using specific regular expressions.
In .NET Framework 4.6.1, this app setting to disable RegEx usage was set to false by default. Starting with .NET Framework 4.7.2, this config switch is set to true by default to further reduce secure vulnerability for web applications that target .NET Framework 4.7.2 and above.

Suggestion

If you find that regular expressions in your web application do not work after upgrading to .NET Framework 4.7.2, you can update the value of the &quot;dataAnnotations:dataTypeAttribute:disableRegEx&quot; setting to false to revert to the previous behavior.

<configuration>
<appSettings>
...
<add key="dataAnnotations:dataTypeAttribute:disableRegEx" value="false"/>
...
</appSettings>
</configuration>

Name Value
Scope Minor
Version 4.7.2
Type Runtime

Affected APIs

Not detectable via API analysis.

Windows Communication Foundation (WCF)

svcTraceViewer ComboBox high contrast change

Details

In the Microsoft Service Trace Viewer tool, ComboBox controls were not displayed in the correct color in certain high contrast themes. The issue was fixed in .NET Framework 4.7.2. However, due to .NET Framework SDK backward compatibility requirements, the fix was not visible to customers by default. .NET 4.8 surfaces this change by adding the following AppContext configuration switches to the svcTraceViewer.exe.config file:

<AppContextSwitchOverrides value="Switch.UseLegacyAccessibilityFeatures=false;Switch.UseLegacyAccessibilityFeatures.2=false" />

Suggestion

If you don't want to have the high contrast behavior change, you can disable it by removing the following section from the svcTraceViewer.exe.config file:

<AppContextSwitchOverrides value="Switch.UseLegacyAccessibilityFeatures=false;Switch.UseLegacyAccessibilityFeatures.2=false" />
Name Value
Scope Edge
Version 4.8
Type Runtime

Affected APIs

Not detectable via API analysis.

WCF AddressHeaderCollection now throws an ArgumentException if an addressHeader element is null

Details

Starting with the .NET Framework 4.7.1, the AddressHeaderCollection(IEnumerable<AddressHeader>) constructor throws an ArgumentException if one of the elements is null. In the .NET Framework 4.7 and earlier versions, no exception is thrown.

Suggestion

If you encounter compatibility issues with this change on the .NET Framework 4.7.1 or a later version, you can opt-out of it by adding the following line to the <runtime> section of the app.config file:

<configuration>
  <runtime>
    <AppContextSwitchOverrides value="Switch.System.ServiceModel.DisableAddressHeaderCollectionValidation=true" />
  </runtime>
</configuration>
Name Value
Scope Minor
Version 4.7.1
Type Runtime

Affected APIs

WCF MsmqSecureHashAlgorithm default value is now SHA256

Details

Starting with the .NET Framework 4.7.1, the default message signing algorithm in WCF for Msmq messages is SHA256. In the .NET Framework 4.7 and earlier versions, the default message signing algorithm is SHA1.

Suggestion

If you run into compatibility issues with this change on the .NET Framework 4.7.1 or later, you can opt-out the change by adding the following line to the <runtime> section of your app.config file:

<configuration>
  <runtime>
    <AppContextSwitchOverrides value="Switch.System.ServiceModel.UseSha1InMsmqEncryptionAlgorithm=true" />
  </runtime>
</configuration>
Name Value
Scope Minor
Version 4.7.1
Type Runtime

Affected APIs

Not detectable via API analysis.

WCF PipeConnection.GetHashAlgorithm now uses SHA256

Details

Starting with the .NET Framework 4.7.1, Windows Communication Foundation uses a SHA256 hash to generate random names for named pipes. In the .NET Framework 4.7 and earlier versions, it used a SHA1 hash.

Suggestion

If you run into compatibility issue with this change on the .NET Framework 4.7.1 or later, you can opt-out it by adding the following line to the <runtime> section of your app.config file:

<configuration>
  <runtime>
    <AppContextSwitchOverrides value="Switch.System.ServiceModel.UseSha1InPipeConnectionGetHashAlgorithm=true" />
  </runtime>
</configuration>
Name Value
Scope Minor
Version 4.7.1
Type Runtime

Affected APIs

Not detectable via API analysis.

Windows Presentation Foundation (WPF)

Chained Popups with StaysOpen=False

Details

A Popup with StaysOpen=False is supposed to close when you click outside the Popup. When two or more such Popups are chained (i.e. one contains another), there were many problems, including:

  • Open two levels, click outside P2 but inside P1. Nothing happens.
  • Open two levels, click outside P1. Both popups close.
  • Open and close two levels. Then try to open P2 again. Nothing happens.
  • Try to open three levels. You can't. (Either nothing happens or the first two levels close, depending on where you click.)

These cases (and other variants) now work as expected.

Name Value
Scope Edge
Version 4.7.1
Type Runtime

Affected APIs

Data Binding improvement for KeyedCollection

Details

Fixed Binding incorrect use of IList indexer when the source object declares a custom indexer with the same signature (for example, KeyedCollection<int,TItem>).

Suggestion

In order for an application that targets an older version to benefit from this change, it must run on the .NET Framework 4.8 or later, and it must opt in to the change by adding the following AppContext switch to the <runtime> section of the app config file and setting it to false:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.7"/>
</startup>
<runtime>
<!-- AppContextSwitchOverrides value attribute is in the form of 'key1=true/false;key2=true/false  -->
<AppContextSwitchOverrides value="Switch.System.Windows.Data.Binding.IListIndexerHidesCustomIndexer=false" />
</runtime>
</configuration>
Name Value
Scope Major
Version 4.8
Type Runtime

Affected APIs

Not detectable via API analysis.

DataGridCellsPanel.BringIndexIntoView throws ArgumentOutOfRangeException

Details

ScrollIntoView(Object) will work asynchronously when column virtualization is enabled but the column widths have not yet been determined. If columns are removed before the asynchronous work happens, an System.ArgumentOutOfRangeException can occur.

Suggestion

Any one of the following:

  • Upgrade to .NET Framework 4.7.
  • Install the latest servicing patch for .NET Framework 4.6.2.
  • Avoid removing columns until the asynchronous response to ScrollIntoView(Object) has completed.
Name Value
Scope Edge
Version 4.6.2
Type Runtime

Affected APIs

Fixed a issue when ListBox stops responding if it contains duplicate value-types

Details

Fixed a problem where a virtualizing ItemsControl can stop responding during scrolling when its Items collection contains duplicate value-typed objects.

Name Value
Scope Major
Version 4.8
Type Runtime

Affected APIs

Not detectable via API analysis.

Improvements to Grid star-rows space allocating algorithm

Details

Fixed a bug in the algorithm for allocating sizes to) in a Grid introduced in .NET Framework 4.7. In some cases, such as a Grid with Height=&quot;Auto&quot; containing empty rows, rows were arranged at the wrong position, possibly outside the Grid altogether.

Suggestion

In order for the application to benefit from these changes, it must run on the .NET Framework 4.8 or later.

Name Value
Scope Major
Version 4.8
Type Runtime

Affected APIs

Not detectable via API analysis.

Details

Fixed incorrect result of pressing an arrow key when the focus is on a hyperlink within an item that is not the selected item of the parent ItemsControl.

Name Value
Scope Major
Version 4.8
Type Runtime

Affected APIs

Not detectable via API analysis.

Keytips behavior improved in WPF

Details

Keytips behavior has been modified to bring parity with behavior on Microsoft Word and Windows Explorer. By checking whether keytip state is enabled or not in the case of a SystemKey (in particular, Key or F11) being pressed, WPF handles keytip keys appropriately. Keytips now dismiss a menu even when it is opened by mouse.

Suggestion

N/A

Name Value
Scope Edge
Version 4.7.2
Type Runtime

Affected APIs

Not detectable via API analysis.

ObjectDisposedException thrown by WPF spellchecker

Details

WPF applications occasionally crash during application shutdown with an System.ObjectDisposedException thrown by the spellchecker. This is fixed in .NET Framework 4.7 WPF by handling the exception gracefully, and thus ensuring that applications are no longer adversely affected. It should be noted that occasional first-chance exceptions would continue to be observed in applications running under a debugger.

Suggestion

Upgrade to .NET Framework 4.7

Name Value
Scope Edge
Version 4.6.1
Type Runtime

Affected APIs

Not detectable via API analysis.

Performance improvement in Automation tree for grouping ItemsControls

Details

Improved the performance of rebuilding the automation tree of an ItemsControl, such as a ListBox or DataGrid, in which grouping is enabled.

Name Value
Scope Major
Version 4.8
Type Runtime

Affected APIs

Not detectable via API analysis.

RibbonGroup background is set to transparent in localized builds

Details

System.Windows.Controls.Ribbon.RibbonGroup background on localized builds was always painted with Transparent brush, resulting in poor UI experience. This is fixed in .NET Framework 4.7 WPF fix by updating the localized resources for System.Windows.Controls.Ribbon.RibbonGroup, which in turn ensures that the correct brush is selected.

Suggestion

Upgrade to .NET Framework 4.7

Name Value
Scope Edge
Version 4.6.2
Type Runtime

Affected APIs

Not detectable via API analysis.

WPF Printing Stack Update

Details

WPF's Printing APIs using System.Printing.PrintQueue now call Window's Print Document Package API in favor of the now deprecated XPS Print API. The change was made with serviceability in mind; neither users nor developers should see any changes in behavior or API usage. The new printing stack is enabled by default when running in Windows 10 Creators Update. The old printing stack will still continue to work just as before in older Windows versions.

Suggestion

To use the old stack in Windows 10 Creators Update, set the UseXpsOMPrinting REG_DWORD value of the HKEY_CURRENT_USER\Software\Microsoft\.NETFramework\Windows Presentation Foundation\Printing registry key to 1.

Name Value
Scope Edge
Version 4.7
Type Runtime

Affected APIs

Not detectable via API analysis.

Windows Workflow Foundation (WF)

Workflow now throws original exception instead of NullReferenceException in some cases

Details

In the .NET Framework 4.6.2 and earlier versions, when the Execute method of a workflow activity throws an exception with a null value for the Message property, the System.Activities Workflow runtime throws a System.NullReferenceException, masking the original exception.In the .NET Framework 4.7, the previously masked exception is thrown.

Suggestion

If your code relies on handling the System.NullReferenceException, change it to catch the exceptions that could be thrown from your custom activities.

Name Value
Scope Minor
Version 4.7
Type Runtime

Affected APIs

Workflow SQL persistence adds primary key clusters and disallows null values in some columns

Details

Starting with the .NET Framework 4.7, the tables created for the SQL Workflow Instance Store (SWIS) by the SqlWorkflowInstanceStoreSchema.sql script use clustered primary keys. Because of this, identities do not support null values. The operation of SWIS is not impacted by this change. The updates were made to support SQL Server Transactional Replication.

Suggestion

The SQL file SqlWorkflowInstanceStoreSchemaUpgrade.sql must be applied to existing installations in order to experience this change. New database installations will automatically have the change.

Name Value
Scope Edge
Version 4.7
Type Runtime

Affected APIs

Not detectable via API analysis.