Retargeting changes for migration to .NET Framework 4.8.x
This article lists the app compatibility issues that were introduced in .NET Framework 4.8 and 4.8.1.
.NET Framework 4.8
Core
Managed cryptography classes do not throw a CryptographyException in FIPS mode
Details
In .NET Framework 4.7.2 and earlier versions, managed cryptographic provider classes such as SHA256Managed throw a CryptographicException when the system cryptographic libraries are configured in FIPS mode. These exceptions are thrown because the managed versions have not undergone FIPS (Federal Information Processing Standards) 140-2 certification, as well as to block cryptographic algorithms that were not considered to be approved based on the FIPS rules. Because few developers have their development machines in FIPS mode, these exceptions are frequently thrown only on production systems.Applications that target .NET Framework 4.8 and later versions automatically switch to the newer, relaxed policy, so that a CryptographicException is no longer thrown by default in such cases. Instead, the managed cryptography classes redirect cryptographic operations to a system cryptography library. This policy change effectively removes a potentially confusing difference between developer environments and the production environments and makes native components and managed components operate under the same cryptographic policy.
Suggestion
If this behavior is undesirable, you can opt out of it and restore the previous behavior so that a CryptographicException is thrown in FIPS mode by adding the following AppContextSwitchOverrides configuration setting to the <runtime> section of your application configuration file:
<runtime>
<AppContextSwitchOverrides value="Switch.System.Security.Cryptography.UseLegacyFipsThrow=true" />
</runtime>
If your application targets .NET Framework 4.7.2 or earlier, you can also opt in to this change by adding the following AppContextSwitchOverrides configuration setting to the <runtime> section of your application configuration file:
<runtime>
<AppContextSwitchOverrides value="Switch.System.Security.Cryptography.UseLegacyFipsThrow=false" />
</runtime>
| Name | Value |
|---|---|
| Scope | Edge |
| Version | 4.8 |
| Type | Retargeting |
Affected APIs
- System.Security.Cryptography.AesManaged
- System.Security.Cryptography.MD5Cng
- System.Security.Cryptography.MD5CryptoServiceProvider
- System.Security.Cryptography.RC2CryptoServiceProvider
- System.Security.Cryptography.RijndaelManaged
- System.Security.Cryptography.RIPEMD160Managed
- System.Security.Cryptography.SHA1Managed
- System.Security.Cryptography.SHA256Managed
Windows Forms
Accessibility improvements in Windows Forms controls for .NET 4.8
Details
The Windows Forms Framework is continuing to improve how it works with accessibility technologies to better support Windows Forms customers. These include the following changes:
- Changes to improve display during High Contrast mode.
- Changes to interaction with Narrator.
- Changes in the Accessible hierarchy (improving navigation through the UI Automation tree).
Suggestion
How to opt in or out of these changes In order for the application to benefit from these changes, it must run on the .NET Framework 4.8. The application can opt in into these changes in either of the following ways:
- It is recompiled to target the .NET Framework 4.8. These accessibility changes are enabled by default on Windows Forms applications that target the .NET Framework 4.8.
- It targets the .NET Framework 4.7.2 or earlier version and opts out of the legacy accessibility behaviors by adding the following AppContext switch to the
<runtime>section of the app config file and setting it tofalse, as the following example shows.
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.7"/>
</startup>
<runtime>
<!-- AppContextSwitchOverrides value attribute is in the form of 'key1=true/false;key2=true/false -->
<AppContextSwitchOverrides value="Switch.UseLegacyAccessibilityFeatures=false;Switch.UseLegacyAccessibilityFeatures.2=false;Switch.UseLegacyAccessibilityFeatures.3=false" />
</runtime>
</configuration>
Note that to opt in to the accessibility features added in .NET Framework 4.8, you must also opt in to accessibility features of .NET Framework 4.7.1 and 4.7.2 as well. Applications that target the .NET Framework 4.8 and want to preserve the legacy accessibility behavior can opt in to the use of legacy accessibility features by explicitly setting this AppContext switch to true.Enabling the keyboard ToolTip invocation support requires adding the Switch.System.Windows.Forms.UseLegacyToolTipDisplay=false line to the AppContextSwitchOverrides value:
<AppContextSwitchOverrides value="Switch.UseLegacyAccessibilityFeatures=false;Switch.UseLegacyAccessibilityFeatures.2=false;Switch.UseLegacyAccessibilityFeatures.3=false;Switch.System.Windows.Forms.UseLegacyToolTipDisplay=false" />
Note that enabling this feature requires opting in to the aforementioned accessibility features of .NET Framework 4.7.1 - 4.8. Also, if any of the accessibility features are not opted in but the tooltip display feature is opted in, a runtime NotSupportedException will be thrown on the first access to these features. The exception message indicates that keyboard ToolTips require accessibility improvements of level 3 to be enabled.
Use of OS-defined colors in High Contrast themes
- Improved high-contrast themes.
Improved Narrator support
- Narrator now announces the sort direction of the DataGridViewColumn when announcing an accessible name of a DataGridViewCell.
Improved CheckedListBox Accessibility support
- Improved Narrator support for the CheckedListBox control. When navigating to the CheckedListBox control using the keyboard, Narrator focuses the CheckedListBox item and announces it.
- An empty CheckedListBox control now has a focus rectangle drawn for a virtual first item when the control becomes focused.
Improved ComboBox Accessibility support
Enabled UI Automation support for the ComboBox control, with the ability to use UI Automation notifications and other UI Automation features. Improved DataGridView Accessibility support
Enabled UI Automation support for DataGridView control with ability to use UI Automation notifications and other UI Automation features.
The UI Automation element which corresponds to the DataGridViewComboBoxEditingControl or DataGridViewTextBoxEditingControl is now a child of corresponding editing cell.
Improved LinkLabel Accessibility support
- Improved LinkLabel control accessibility: Narrator announces the disabled state for the link if the corresponding LinkLabel control is disabled.
Improved ProgressBar Accessibility support
- Enabled UI Automation support for the ProgressBar control with the ability to use UI Automation notifications and other UI Automation features. Developers are now able to use UI Automation notifications which Narrator can announce to indicate progress. For an overview of UI automation events overview, including UI automation notification events, see the UI Automation Events Overview.
Improved PropertyGrid Accessibility support
- Enabled UI Automation support for the PropertyGrid control, with the ability to use UI Automation notifications and other UI Automation features.
- The UI Automation element which corresponds to the currently edited property is now a child of the corresponding property item UI Automation element.
- The UI Automation property item element is now a child of the corresponding category element if the parent PropertyGrid control is set to category view.
Improved ToolStrip support
- Enabled UI Automation support for the ToolStrip control, with the ability to use UI Automation notifications and other UI Automation features.
- Improved navigation through ToolStrip items.
- In items mode, Narrator focus does not disappear and does not go to hidden items.
Improved Visual cues
- An empty CheckedListBox control now displays a focus indicator when it receives focus. Note: UI automation support is enabled for controls in runtime but is not used in design time. For an overview of UI automation, see the UI Automation Overview.
Invoking controls' ToolTips with a keyboard
- Control tooltip can now be invoked by focusing the control with keyboard. This feature needs to be enabled explicitly for the application (see section "How to opt in or out of these changes")
| Name | Value |
|---|---|
| Scope | Major |
| Version | 4.8 |
| Type | Retargeting |
Windows Presentation Foundation (WPF)
Accessibility improvements in WPF
Details
High Contrast improvements
- The focus for the Expander control is now visible. In previous versions of .NET Framework, it was not.
- The text in CheckBox and RadioButton controls when they are selected is now easier to see than in previous .NET Framework versions.
- The border of a disabled ComboBox is now the same color as the disabled text. In previous versions of .NET Framework, it was not.
- Disabled and focused buttons now use the correct theme color. In previous versions of .NET Framework, they did not.
- The dropdown button is now visible when a ComboBox control's style is set to ToolBar.ComboBoxStyleKey. In previous versions of .NET Framework, it was not.
- The sort indicator arrow in a DataGrid control now uses theme colors. In previous versions of .NET Framework, it did not.
- The default hyperlink style now changes to the correct theme color on mouse over. In previous versions of .NET Framework, it did not.
- The Keyboard focus on radio buttons is now visible. In previous versions of .NET Framework, it was not.
- The DataGrid control's checkbox column now uses the expected colors for keyboard focus feedback. In previous versions of .NET Framework, it did not.
- the Keyboard focus visuals are now visible on ComboBox and ListBox controls. In previous versions of .NET Framework, it was not.
Screen reader interaction improvements
- Expander controls are now correctly announced as groups (expand/collapse) by screen readers.
- DataGridCell controls are now correctly announced as data grid cell (localized) by screen readers.
- Screen readers will now announce the name of an editable ComboBox.
- PasswordBox controls are no longer announced as "no item in view" by screen readers.
LiveRegion support
Screen readers, such as Narrator, help people understand the user interface (UI) of an application, usually by describing the UI element that currently has focus. However, if a UI element changes somewhere in the screen and it does not have the focus, the user may not be informed and miss important information. LiveRegions are meant to solve this problem. A developer can use them to inform the screen reader or any other UI Automation client that an important change has been made to a UI element. The screen reader can then decide how and when to inform the user of this change. The LiveSetting property also lets the screen reader know how important it is to inform the user of the change made to the UI.
Suggestion
How to opt in or out of these changes
In order for the application to benefit from these changes, it must run on .NET Framework 4.7.1 or later. The application can benefit from these changes in either of the following ways:
Target .NET Framework 4.7.1. This is the recommended approach. These accessibility changes are enabled by default on WPF applications that target .NET Framework 4.7.1 or later.
It opts out of the legacy accessibility behaviors by adding the following AppContext Switch in the
<runtime>section of the app config file and setting it tofalse, as the following example shows.<?xml version="1.0" encoding="utf-8"?> <configuration> <startup> <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.7"/> </startup> <runtime> <!-- AppContextSwitchOverrides value attribute is in the form of 'key1=true/false;key2=true/false' --> <AppContextSwitchOverrides value="Switch.UseLegacyAccessibilityFeatures=false" /> </runtime> </configuration>
Applications that target .NET Framework 4.7.1 or later and want to preserve the legacy accessibility behavior can opt in to the use of legacy accessibility features by explicitly setting this AppContext switch to true.
For an overview of UI automation, see UI Automation Overview.
| Name | Value |
|---|---|
| Scope | Major |
| Version | 4.7.1 |
| Type | Retargeting |
Affected APIs
- AutomationElementIdentifiers.LiveSettingProperty
- AutomationElementIdentifiers.LiveRegionChangedEvent
- System.Windows.Automation.AutomationLiveSetting
- AutomationProperties.LiveSettingProperty
- AutomationProperties.SetLiveSetting(DependencyObject, AutomationLiveSetting)
- AutomationProperties.GetLiveSetting(DependencyObject)
- AutomationPeer.GetLiveSettingCore()
Add SelectionTextBrush public property to TextBox/PasswordBox non-adorner selection
Details
In WPF applications using non-adorner based text selection for TextBox and PasswordBox, developers may now set the newly added SelectionTextBrush property in order to alter the rendering of the selected text. By default, this color changes with HighlightTextBrushKey. If non-adorner based text selection is not enabled, this property does nothing.
Suggestion
Once non-adorner based text selection is enabled, you can use the PasswordBox.SelectionTextBrush and SelectionTextBrush property to change the appearance of the selected text. This can be achieved using XAML:
<TextBox SelectionBrush="Red" SelectionTextBrush="White" SelectionOpacity="0.5"
Foreground="Blue" CaretBrush="Blue">
This is some text.
</TextBox>
| Name | Value |
|---|---|
| Scope | Major |
| Version | 4.8 |
| Type | Retargeting |
Affected APIs
- TextBoxBase.SelectionTextBrushProperty
- TextBoxBase.SelectionTextBrush
- System.Windows.Controls.TextBox
- System.Windows.Controls.PasswordBox
HwndHost now correctly resizes child-HWND during DPI changes
Details
In .NET Framework 4.7.2 and earlier versions, when WPF was run in Per-Monitor Aware mode, controls hosted within HwndHost were not sized correctly after DPI changes, such as when moving applications from one monitor to another. This fix ensures that hosted controls are sized appropriately.
Suggestion
In order for the application to benefit from these changes, it must run on the .NET Framework 4.7.2 or later, and it must opt-in to this behavior by setting the following AppContext Switch in the <runtime> section of the app config file to false, as the following example shows.
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.7"/>
</startup>
<runtime>
<!-- AppContextSwitchOverrides value attribute is in the form of 'key1=true/false;key2=true/false -->
<AppContextSwitchOverrides value="Switch.System.Windows.DoNotUsePresentationDpiCapabilityTier2OrGreater=false" />
</runtime>
</configuration>
| Name | Value |
|---|---|
| Scope | Major |
| Version | 4.8 |
| Type | Retargeting |
Windows Workflow Foundation (WF)
Accessibility improvements in Windows Workflow Foundation (WF) workflow designer
Details
The Windows Workflow Foundation (WF) workflow designer is improving how it works with accessibility technologies. These improvements include the following changes:
- The tab order is changed to left to right and top to bottom in some controls:
- The initialize correlation window for setting correlation data for the InitializeCorrelation activity
- The content definition window for the Receive, Send, SendReply, and ReceiveReply activities
- More functions are available via the keyboard:
- When editing the properties of an activity, property groups can be collapsed by keyboard the first time they are focused.
- Warning icons are now accessible by keyboard.
- The More Properties button in the Properties window is now accessible by keyboard.
- Keyboard users now can access the header items in the Arguments and Variables panes of the Workflow Designer.
- Improved visibility of items with focus, such as when:
- Adding rows to data grids used by the Workflow Designer and activity designers.
- Tabbing through fields in the ReceiveReply and SendReply activities.
- Setting default values for variables or arguments
- Screen readers can now correctly recognize:
- Breakpoints set in the workflow designer.
- The FlowSwitch<T>, FlowDecision, and CorrelationScope activities.
- The contents of the Receive activity.
- The Target Type for the InvokeMethod activity.
- The Exception combobox and the Finally section in the TryCatch activity.
- The Message Type combobox, the splitter in the Add Correlation Initializers window, the Content Definition window, and the CorrelatesOn Defintion window in the messaging activities (Receive, Send, SendReply, and ReceiveReply).
- State machine transitions and transitions destinations.
- Annotations and connectors on FlowDecision activities.
- The context (right-click) menus for activities.
- The property value editors, the Clear Search button, the By Category and Alphabetical sort buttons, and the Expression Editor dialog in the properties grid.
- The zoom percentage in the Workflow Designer.
- The separator in Parallel and Pick activities.
- The InvokeDelegate activity.
- The Select Types window for dictionary activities (
Microsoft.Activities.AddToDictionary<TKey,TValue>,Microsoft.Activities.RemoveFromDictionary<TKey,TValue>, etc.). - The Browse and Select .NET Type window.
- Breadcrumbs in the Workflow Designer.
- Users who choose High Contrast themes will see many improvements in the visibility of the Workflow Designer and its controls like better contrast ratios between elements and more noticeable selection boxes used for focus elements.
Suggestion
If you have an application with a re-hosted workflow designer, your application can benefit from these changes by performing either of these actions:
- Recompile your application to target the .NET Framework 4.7.1. These accessibility changes are enabled by default.
- If your application targets the .NET Framework 4.7 or earlier but is running on the .NET Framework 4.7.1, you can opt out of these legacy accessibility behaviors by adding the following AppContext switch to the
<runtime>section of the app.config file and set it tofalse, as the following example shows.
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.7"/>
</startup>
<runtime>
<!-- AppContextSwitchOverrides value attribute is in the form of 'key1=true/false;key2=true/false -->
<AppContextSwitchOverrides value="Switch.UseLegacyAccessibilityFeatures=false" />
</runtime>
</configuration>
Applications that target the .NET Framework 4.7.1 or later and want to preserve the legacy accessibility behavior can opt in to the use of legacy accessibility features by explicitly setting this AppContext switch to true.
| Name | Value |
|---|---|
| Scope | Minor |
| Version | 4.7.1 |
| Type | Retargeting |
Workflow XAML checksums for symbols changed from SHA1 to SHA256
Details
To support debugging with Visual Studio, the Workflow runtime generates a checksum for a workflow XAML file using a hashing algorithm. In the .NET Framework 4.6.2 and earlier versions, workflow checksum hashing used the MD5 algorithm, which caused issues on FIPS-enabled systems. Starting with the .NET Framework 4.7, the default algorithm was changed to SHA1. Starting with the .NET Framework 4.8, the default algorithm was changed to SHA256.
Suggestion
If your code is unable to load workflow instances or to find appropriate symbols due to a checksum failure, try setting the AppContext switch "Switch.System.Activities.UseSHA1HashForDebuggerSymbols" to true. In code:
System.AppContext.SetSwitch("Switch.System.Activities.UseSHA1HashForDebuggerSymbols", true);
Or in configuration:
<configuration>
<runtime>
<AppContextSwitchOverrides value="Switch.System.Activities.UseSHA1HashForDebuggerSymbols=true" />
</runtime>
</configuration>
| Name | Value |
|---|---|
| Scope | Minor |
| Version | 4.8 |
| Type | Retargeting |
Workflow XOML definition and SqlTrackingService cache keys changed from MD5 to SHA256
Details
The Workflow Runtime in keeps a cache of workflow definitions defined in XOML. The SqlTrackingService also keeps a cache that is keyed by strings. These caches are keyed by values that include checksum hash value. In the .NET Framework 4.7.2 and earlier versions, this checksum hashing used the MD5 algorithm, which caused issues on FIPS-enabled systems. Starting with the .NET Framework 4.8, the algorithm used is SHA256.There shouldn't be a compatibility issue with this change because the values are recalculated each time the Workflow Runtime and SqlTrackingService is started. However, we have provided quirks to allow customers to revert back to usage of the legacy hashing algorithm, if necessary.
Suggestion
If this change presents a problem when executing workflows, try setting one or both of the AppContext switches:
- "Switch.System.Workflow.Runtime.UseLegacyHashForWorkflowDefinitionDispenserCacheKey" to true.
- "Switch.System.Workflow.Runtime.UseLegacyHashForSqlTrackingCacheKey" to true. In code:
System.AppContext.SetSwitch("Switch.System.Workflow.Runtime.UseLegacyHashForWorkflowDefinitionDispenserCacheKey", true);
System.AppContext.SetSwitch("Switch.System.Workflow.Runtime.UseLegacyHashForSqlTrackingCacheKey", true);
Or in the configuration file (this needs to be in the config file for the application that is creating the WorkflowRuntime object):
<configuration>
<runtime>
<AppContextSwitchOverrides value="Switch.System.Workflow.Runtime.UseLegacyHashForWorkflowDefinitionDispenserCacheKey=true" />
<AppContextSwitchOverrides value="Switch.System.Workflow.Runtime.UseLegacyHashForSqlTrackingCacheKeytrue" />
</runtime>
</configuration>
| Name | Value |
|---|---|
| Scope | Minor |
| Version | 4.8 |
| Type | Retargeting |
Workflow XOML file checksums changed from MD5 to SHA256
Details
To support debugging XOML-based workflows with Visual Studio, when workflow projects containing XOML files build, a checksum of the contents of the XOML file is included in the code generated as a WorkflowMarkupSourceAttribute.MD5Digest value. In the .NET Framework 4.7.2 and earlier versions, this checksum hashing used the MD5 algorithm, which caused issues on FIPS-enabled systems. Starting with the .NET Framework 4.8, the algorithm used is SHA256. To be compatible with the WorkflowMarkupSourceAttribute.MD5Digest, only the first 16 bytes of the generated checksum are used.This may cause problems during debugging. You may need to re-build your project.
Suggestion
If re-building your project does not solve the problem, try setting the AppContext switch "Switch.System.Workflow.ComponentModel.UseLegacyHashForXomlFileChecksum" to true.In code:
System.AppContext.SetSwitch("Switch.System.Workflow.ComponentModel.UseLegacyHashForXomlFileChecksum", true);
Or in a configuration file (this needs to be in MSBuild.exe.config for the MSBuild.exe that you are using):
<configuration>
<runtime>
<AppContextSwitchOverrides value="Switch.System.Workflow.ComponentModel.UseLegacyHashForXomlFileChecksum=true" />
</runtime>
</configuration>
| Name | Value |
|---|---|
| Scope | Minor |
| Version | 4.8 |
| Type | Retargeting |
.NET Framework 4.8.1
No app compatibility issues were introduced in .NET Framework 4.8.1.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for