What's new in .NET Framework
Note
.NET Framework is serviced independently from Windows updates with security and reliability bug fixes. In general, security updates are released quarterly. .NET Framework will continue to be included with Windows, with no plans to remove it. You don't need to migrate your .NET Framework apps, but for new development, use .NET 8 or later.
This article summarizes key new features and improvements in the following versions of .NET Framework:
- .NET Framework 4.8.1
- .NET Framework 4.8
- .NET Framework 4.7.2
- .NET Framework 4.7.1
- .NET Framework 4.7
- .NET Framework 4.6.2
- .NET Framework 4.6.1
- .NET 2015 and .NET Framework 4.6
- .NET Framework 4.5.2
- .NET Framework 4.5.1
- .NET Framework 4.5
This article does not provide comprehensive information about each new feature and is subject to change. For general information about .NET Framework, see Getting Started. For supported platforms, see System Requirements. For download links and installation instructions, see Installation Guide.
Note
The .NET Framework team also releases features out of band, using NuGet, to expand platform support and introduce new functionality, such as immutable collections and SIMD-enabled vector types. For more information, see Additional Class Libraries and APIs and .NET Framework and Out-of-Band Releases. See a complete list of NuGet packages for .NET Framework.
Introducing .NET Framework 4.8.1
.NET Framework 4.8.1 builds on previous versions of .NET Framework 4.x by adding many new fixes and several new features while remaining a very stable product.
Download and install .NET Framework 4.8.1
You can download .NET Framework 4.8.1 from the following locations:
.NET Framework 4.8 can be installed on Windows 11, Windows 10 version 21H2, Windows 10 version 21H1, Windows 10 version 20H2, and the corresponding server platforms starting with Windows Server 2022. You can install .NET Framework 4.8.1 by using either the web installer or the offline installer. The recommended way for most users is to use the web installer.
You can target .NET Framework 4.8.1 in Visual Studio 2022 17.3 or later by installing the .NET Framework 4.8.1 Developer Pack.
What's new in .NET Framework 4.8.1
.NET Framework 4.8.1 introduces new features in the following areas:
- Native support for Arm64
- WCAG2.1 compliant accessible tooltips
- Windows Forms – Accessibility Improvements
Improved accessibility, which allows an application to provide an appropriate experience for users of Assistive Technology, is a major focus of .NET Framework 4.8.1. For information on accessibility improvements in .NET Framework 4.8.1, see What's new in accessibility in .NET Framework.
.NET Framework 4.8.1 adds native Arm64 support to the .NET Framework family. So, your investments in the vast ecosystem of .NET Framework apps and libraries can now leverage the benefits of running workloads natively on Arm64—namely better performance when compared to running x64 code emulated on Arm64.
Microsoft has a commitment to providing products and platforms that are accessible to everyone. .NET Framework 4.8.1 offers two Windows UI development platforms, both of which provide developers with the support necessary to create accessible applications. Over the past several releases, both Windows Forms and WPF have added new features and fixed numerous reliability issues related to accessibility. You can read more about the details of what was fixed or added in each release by visiting What’s new in accessibility in .NET Framework.
In this release, both Windows Forms and WPF have made improvements to the handling of tooltips to make them more accessible. In both cases, tooltips now comply with the guidelines set forth in the WCAG2.1 content on Hover or Focus guidance. The requirements for tooltips are:
- Tooltips must display either via mouse hover or by keyboard navigation to the control.
- Tooltips should be dismissable. That is, a simple keyboard command like Esc should dismiss the tooltip.
- Tooltips should be hoverable. Users should be able to place their mouse cursor over the tooltip. This enables scenarios like using magnifier to be able to read the tooltip for low-vision users.
- Tooltips should be persistent. Tooltips should not automatically disappear after a certain amount of time has elapsed. Rather, tooltips should be dismissed by the user moving their mouse to another control or by a keyboard command.
In Windows Forms, this support is only available on Windows 11 or later operating systems. Windows Forms is a thin managed wrapper around the Windows API, and the new tooltip behavior only became available in Windows 11. WPF has no operating system version dependencies for its accessible tooltips.
WPF had implemented most of the requirements for WCAG2.1 compliant tooltips in .NET Framework 4.8. In this release, WPF improved the experience by ensuring that a tooltip in the current window can easily be dismissed by using the Esc key, the Ctrl key (by itself), or by the combination Ctrl+Shift+F10. The scope of the escape key was reduced in this release to apply only to the current window. Previously it applied to any open tooltip in the application.
Windows Forms was the first Windows UI stack created for .NET Framework. As such, it was originally created to utilize legacy accessibility technology, which doesn't meet current accessibility requirements. In this release, Windows Forms has addressed a number of issues. For a complete list of the accessibility related changes, visit What’s new in accessibility in .NET Framework.
The highlights of Windows Forms improvements in .NET Framework 4.8.1 are:
Text pattern support– Windows Forms added support for the UIA Text Pattern. This pattern enables assistive technology to traverse the content of a TextBox or similar text-based control letter by letter. It enables text to be selected within the control and changed, and new text to be inserted at the cursor. Windows Forms added this support for TextBox, DataGridView cells, ComboBox controls, and more.
Address contrast issues– In several controls, Windows Forms has changed the contrast ratio of selection rectangles to be darker and more visible.
Fixed several DataGridView issues:
- The scrollbar names have been updated to be consistent.
- Narrator is now able to focus on empty DataGridView cells.
- Developers are able to set the localized control type property for Custom DataGridView cells.
- The link color for DataGridViewLink cells has been updated to have better contrast with the background.
Introducing .NET Framework 4.8
.NET Framework 4.8 builds on previous versions of .NET Framework 4.x by adding many new fixes and several new features while remaining a very stable product.
Download and install .NET Framework 4.8
You can download .NET Framework 4.8 from the following locations:
.NET Framework 4.8 can be installed on Windows 10, Windows 8.1, Windows 7 SP1, and the corresponding server platforms starting with Windows Server 2008 R2 SP1. You can install .NET Framework 4.8 by using either the web installer or the offline installer. The recommended way for most users is to use the web installer.
You can target .NET Framework 4.8 in Visual Studio 2012 or later by installing the .NET Framework 4.8 Developer Pack.
What's new in .NET Framework 4.8
.NET Framework 4.8 introduces new features in the following areas:
- Base classes
- Windows Communication Foundation (WCF)
- Windows Presentation Foundation (WPF)
- Common language runtime
Improved accessibility, which allows an application to provide an appropriate experience for users of Assistive Technology, continues to be a major focus of .NET Framework 4.8. For information on accessibility improvements in .NET Framework 4.8, see What's new in accessibility in .NET Framework.
Base classes
Reduced FIPS impact on Cryptography. In previous versions of .NET Framework, managed cryptographic provider classes such as SHA256Managed throw a CryptographicException when the system cryptographic libraries are configured in "FIPS mode". These exceptions are thrown because the managed versions of the cryptographic provider classes, unlike the system cryptographic libraries, have not undergone FIPS (Federal Information Processing Standards) 140-2 certification. Because few developers have their development machines in FIPS mode, the exceptions are commonly thrown in production systems.
By default in applications that target .NET Framework 4.8, the following managed cryptography classes no longer throw a CryptographicException in this case:
- MD5Cng
- MD5CryptoServiceProvider
- RC2CryptoServiceProvider
- RijndaelManaged
- RIPEMD160Managed
- SHA256Managed
Instead, these classes redirect cryptographic operations to a system cryptography library. This change effectively removes a potentially confusing difference between developer environments and production environments and makes native components and managed components operate under the same cryptographic policy. Applications that depend on these exceptions can restore the previous behavior by setting the AppContext switch Switch.System.Security.Cryptography.UseLegacyFipsThrow
to true
. For more information, see Managed cryptography classes do not throw a CryptographyException in FIPS mode.
Use of updated version of ZLib
Starting with .NET Framework 4.5, the clrcompression.dll assembly uses ZLib, a native external library for data compression, in order to provide an implementation for the deflate algorithm. The .NET Framework 4.8 version of clrcompression.dll is updated to use ZLib Version 1.2.11, which includes several key improvements and fixes.
Windows Communication Foundation (WCF)
Introduction of ServiceHealthBehavior
Health endpoints are widely used by orchestration tools to manage services based on their health status. Health checks can also be used by monitoring tools to track and provide notifications about the availability and performance of a service.
ServiceHealthBehavior is a WCF service behavior that extends IServiceBehavior. When added to the ServiceDescription.Behaviors collection, a service behavior does the following:
Returns service health status with HTTP response codes. You can specify in a query string the HTTP status code for a HTTP/GET health probe request.
Publishes information about service health. Service-specific details, including service state, throttle counts, and capacity can be displayed by using an HTTP/GET request with the
?health
query string. Ease of access to such information is important when troubleshooting a misbehaving WCF service.
There are two ways to expose the health endpoint and publish WCF service health information:
Through code. For example:
ServiceHost host = new ServiceHost(typeof(Service1), new Uri("http://contoso:81/Service1")); ServiceHealthBehavior healthBehavior = host.Description.Behaviors.Find<ServiceHealthBehavior>(); healthBehavior ??= new ServiceHealthBehavior(); host.Description.Behaviors.Add(healthBehavior);
Dim host As New ServiceHost(GetType(Service1), New Uri("http://contoso:81/Service1")) Dim healthBehavior As ServiceHealthBehavior = host.Description.Behaviors.Find(Of ServiceHealthBehavior)() If healthBehavior Is Nothing Then healthBehavior = New ServiceHealthBehavior() End If host.Description.Behaviors.Add(healthBehavior)
By using a configuration file. For example:
<behaviors> <serviceBehaviors> <behavior name="DefaultBehavior"> <serviceHealth httpsGetEnabled="true"/> </behavior> </serviceBehaviors> </behaviors>
A service's health status can be queried by using query parameters such as OnServiceFailure
, OnDispatcherFailure
, OnListenerFailure
, OnThrottlePercentExceeded
), and an HTTP response code can be specified for each query parameter. If the HTTP response code is omitted for a query parameter, a 503 HTTP response code is used by default. For example:
OnServiceFailure:
https://contoso:81/Service1?health&OnServiceFailure=450
A 450 HTTP response status code is returned when ServiceHost.State is greater than CommunicationState.Opened.
Query parameters and examples:
OnDispatcherFailure:
https://contoso:81/Service1?health&OnDispatcherFailure=455
A 455 HTTP response status code is returned when the state of any of the channel dispatchers is greater than CommunicationState.Opened.
OnListenerFailure:
https://contoso:81/Service1?health&OnListenerFailure=465
A 465 HTTP response status code is returned when the state of any of the channel listeners is greater than CommunicationState.Opened.
OnThrottlePercentExceeded:
https://contoso:81/Service1?health&OnThrottlePercentExceeded= 70:350,95:500
Specifies the percentage {1 – 100} that triggers the response and its HTTP response code {200 – 599}. In this example:
If the percentage is greater than 95, a 500 HTTP response code is returned.
If the percentage is between 70 and 95, 350 is returned.
Otherwise, 200 is returned.
The service health status can be displayed either in HTML by specifying a query string like https://contoso:81/Service1?health
or in XML by specifying a query string like https://contoso:81/Service1?health&Xml
. A query string like https://contoso:81/Service1?health&NoContent
returns an empty HTML page.
Windows Presentation Foundation (WPF)
High DPI enhancements
In .NET Framework 4.8, WPF adds support for Per-Monitor V2 DPI Awareness and Mixed-Mode DPI scaling. See High DPI Desktop Application Development on Windows for additional information about high DPI development.
.NET Framework 4.8 improves support for hosted HWNDs and Windows Forms interoperation in High-DPI WPF applications on platforms that support Mixed-Mode DPI scaling (starting with Windows 10 April 2018 Update). When hosted HWNDs or Windows Forms controls are created as Mixed-Mode DPI-scaled windows by calling SetThreadDpiHostingBehavior and SetThreadDpiAwarenessContext, they can be hosted in a Per-Monitor V2 WPF application and are sized and scaled appropriately. Such hosted content is not rendered at the native DPI; instead, the operating system scales the hosted content to the appropriate size. The support for Per-Monitor v2 DPI awareness mode also allows WPF controls to be hosted (that is, parented) in a native window in a high-DPI application.
To enable support for Mixed-Mode High DPI scaling, you can set the following AppContext switches the application configuration file:
<runtime>
<AppContextSwitchOverrides value = "Switch.System.Windows.DoNotScaleForDpiChanges=false; Switch.System.Windows.DoNotUsePresentationDpiCapabilityTier2OrGreater=false"/>
</runtime>
Common language runtime
The runtime in .NET Framework 4.8 includes the following changes and improvements:
Improvements to the JIT compiler. The Just-in-time (JIT) compiler in .NET Framework 4.8 is based on the JIT compiler in .NET Core 2.1. Many of the optimizations and all of the bug fixes made to the .NET Core 2.1 JIT compiler are included in the .NET Framework 4.8 JIT compiler.
NGEN improvements. The runtime has improved its memory management for Native Image Generator (NGEN) images so that data mapped from NGEN images are not memory-resident. This reduces the surface area available to attacks that attempt to execute arbitrary code by modifying memory that will be executed.
Antimalware scanning for all assemblies. In previous versions of .NET Framework, the runtime scans all assemblies loaded from disk using either Windows Defender or third-party antimalware software. However, assemblies loaded from other sources, such as by the Assembly.Load(Byte[]) method, are not scanned and can potentially contain undetected malware. Starting with .NET Framework 4.8 running on Windows 10, the runtime triggers a scan by antimalware solutions that implement the Antimalware Scan Interface (AMSI).
What's new in .NET Framework 4.7.2
.NET Framework 4.7.2 includes new features in the following areas:
A continuing focus in .NET Framework 4.7.2 is improved accessibility, which allows an application to provide an appropriate experience for users of Assistive Technology. For information on accessibility improvements in .NET Framework 4.7.2, see What's new in accessibility in .NET Framework.
Base classes
.NET Framework 4.7.2 features a large number of cryptographic enhancements, better decompression support for ZIP archives, and additional collection APIs.
New overloads of RSA.Create and DSA.Create
The DSA.Create(DSAParameters) and RSA.Create(RSAParameters) methods let you supply key parameters when instantiating a new DSA or RSA key. They allow you to replace code like the following:
// Before .NET Framework 4.7.2
using (RSA rsa = RSA.Create())
{
rsa.ImportParameters(rsaParameters);
// Other code to execute using the RSA instance.
}
' Before .NET Framework 4.7.2
Using rsa = RSA.Create()
rsa.ImportParameters(rsaParameters)
' Other code to execute using the rsa instance.
End Using
with code like this:
// Starting with .NET Framework 4.7.2
using (RSA rsa = RSA.Create(rsaParameters))
{
// Other code to execute using the rsa instance.
}
' Starting with .NET Framework 4.7.2
Using rsa = RSA.Create(rsaParameters)
' Other code to execute using the rsa instance.
End Using
The DSA.Create(Int32) and RSA.Create(Int32) methods let you generate new DSA or RSA keys with a specific key size. For example:
using (DSA dsa = DSA.Create(2048))
{
// Other code to execute using the dsa instance.
}
Using dsa = DSA.Create(2048)
' Other code to execute using the dsa instance.
End Using
Rfc2898DeriveBytes constructors accept a hash algorithm name
The Rfc2898DeriveBytes class has three new constructors with a HashAlgorithmName parameter that identifies the HMAC algorithm to use when deriving keys. Instead of using SHA-1, developers should use a SHA-2-based HMAC like SHA-256, as shown in the following example:
private static byte[] DeriveKey(string password, out int iterations, out byte[] salt,
out HashAlgorithmName algorithm)
{
iterations = 100000;
algorithm = HashAlgorithmName.SHA256;
const int SaltSize = 32;
const int DerivedValueSize = 32;
using (Rfc2898DeriveBytes pbkdf2 = new Rfc2898DeriveBytes(password, SaltSize,
iterations, algorithm))
{
salt = pbkdf2.Salt;
return pbkdf2.GetBytes(DerivedValueSize);
}
}
Private Shared Function DeriveKey(password As String, ByRef iterations As Integer,
ByRef salt AS Byte(), ByRef algorithm As HashAlgorithmName) As Byte()
iterations = 100000
algorithm = HashAlgorithmName.SHA256
Const SaltSize As Integer = 32
Const DerivedValueSize As Integer = 32
Using pbkdf2 = New Rfc2898DeriveBytes(password, SaltSize, iterations, algorithm)
salt = pbkdf2.Salt
Return pbkdf2.GetBytes(DerivedValueSize)
End Using
End Function
Support for ephemeral keys
PFX import can optionally load private keys directly from memory, bypassing the hard drive. When the new X509KeyStorageFlags.EphemeralKeySet flag is specified in an X509Certificate2 constructor or one of the overloads of the X509Certificate2.Import method, the private keys will be loaded as ephemeral keys. This prevents the keys from being visible on the disk. However:
Since the keys are not persisted to disk, certificates loaded with this flag are not good candidates to add to an X509Store.
Keys loaded in this manner are almost always loaded via Windows CNG. Therefore, callers must access the private key by calling extension methods, such as cert.GetRSAPrivateKey(). The X509Certificate2.PrivateKey property does not function.
Since the legacy X509Certificate2.PrivateKey property does not work with certificates, developers should perform rigorous testing before switching to ephemeral keys.
Programmatic creation of PKCS#10 certification signing requests and X.509 public key certificates
Starting with .NET Framework 4.7.2, workloads can generate certificate signing requests (CSRs), which allows certificate request generation to be staged into existing tooling. This is frequently useful in test scenarios.
For more information and code examples, see "Programmatic creation of PKCS#10 certification signing requests and X.509 public key certificates" in the .NET Blog.
New SignerInfo members
Starting with .NET Framework 4.7.2, the SignerInfo class exposes more information about the signature. You can retrieve the value of the System.Security.Cryptography.Pkcs.SignerInfo.SignatureAlgorithm property to determine the signature algorithm used by the signer. SignerInfo.GetSignature can be called to get a copy of the cryptographic signature for this signer.
Leaving a wrapped stream open after CryptoStream is disposed
Starting with .NET Framework 4.7.2, the CryptoStream class has an additional constructor that allows Dispose to not close the wrapped stream. To leave the wrapped stream open after the CryptoStream instance is disposed, call the new CryptoStream constructor as follows:
var cStream = new CryptoStream(stream, transform, mode, leaveOpen: true);
Dim cStream = New CryptoStream(stream, transform, mode, leaveOpen:=true)
Decompression changes in DeflateStream
Starting with .NET Framework 4.7.2, the implementation of decompression operations in the DeflateStream class has changed to use native Windows APIs by default. Typically, this results in a substantial performance improvement.
Support for decompression by using Windows APIs is enabled by default for applications that target .NET Framework 4.7.2. Applications that target earlier versions of .NET Framework but are running under .NET Framework 4.7.2 can opt in to this behavior by adding the following AppContext switch to the application configuration file:
<AppContextSwitchOverrides value="Switch.System.IO.Compression.DoNotUseNativeZipLibraryForDecompression=false" />
Additional collection APIs
.NET Framework 4.7.2 adds a number of new APIs to the SortedSet<T> and HashSet<T> types. These include:
TryGetValue
methods, which extend the try pattern used in other collection types to these two types. The methods are:Enumerable.To*
extension methods, which convert a collection to a HashSet<T>:New HashSet<T> constructors that let you set the collection's capacity, which yields a performance benefit when you know the size of the HashSet<T> in advance:
The ConcurrentDictionary<TKey,TValue> class includes new overloads of the AddOrUpdate and GetOrAdd methods to retrieve a value from the dictionary or to add it if it is not found, and to add a value to the dictionary or to update it if it already exists.
public TValue AddOrUpdate<TArg>(TKey key, Func<TKey, TArg, TValue> addValueFactory, Func<TKey, TValue, TArg, TValue> updateValueFactory, TArg factoryArgument)
public TValue GetOrAdd<TArg>(TKey key, Func<TKey, TArg, TValue> valueFactory, TArg factoryArgument)
Public AddOrUpdate(Of TArg)(key As TKey, addValueFactory As Func(Of TKey, TArg, TValue), updateValueFactory As Func(Of TKey, TValue, TArg, TValue), factoryArgument As TArg) As TValue
Public GetOrAdd(Of TArg)(key As TKey, valueFactory As Func(Of TKey, TArg, TValue), factoryArgument As TArg) As TValue
ASP.NET
Support for dependency injection in Web Forms
Dependency injection (DI) decouples objects and their dependencies so that an object's code no longer needs to be changed just because a dependency has changed. When developing ASP.NET applications that target .NET Framework 4.7.2, you can:
Use setter-based, interface-based, and constructor-based injection in handlers and modules, Page instances, and user controls of ASP.NET web application projects.
Use setter-based and interface-based injection in handlers and modules, Page instances, and user controls of ASP.NET web site projects.
Plug in different dependency injection frameworks.
Support for same-site cookies
SameSite prevents a browser from sending a cookie along with a cross-site request. .NET Framework 4.7.2 adds a HttpCookie.SameSite property whose value is a System.Web.SameSiteMode enumeration member. If its value is SameSiteMode.Strict or SameSiteMode.Lax, ASP.NET adds the SameSite
attribute to the set-cookie header. SameSite support applies to HttpCookie objects, as well as to FormsAuthentication and System.Web.SessionState cookies.
You can set SameSite for an HttpCookie object as follows:
var c = new HttpCookie("secureCookie", "same origin");
c.SameSite = SameSiteMode.Lax;
Dim c As New HttpCookie("secureCookie", "same origin")
c.SameSite = SameSiteMode.Lax
You can also configure SameSite cookies at the application level by modifying the web.config file:
<system.web>
<httpCookies sameSite="Strict" />
</system.web>
You can add SameSite for FormsAuthentication and System.Web.SessionState cookies by modifying the web config file:
<system.web>
<authentication mode="Forms">
<forms cookieSameSite="Lax">
<!-- ... -->
</forms>
</authentication>
<sessionState cookieSameSite="Lax"></sessionState>
</system.web>
Networking
Implementation of HttpClientHandler properties
.NET Framework 4.7.1 added eight properties to the System.Net.Http.HttpClientHandler class. However, two threw a PlatformNotSupportedException. .NET Framework 4.7.2 now provides an implementation for these properties. The properties are:
SQLClient
Support for Azure Active Directory Universal Authentication and Multifactor authentication
Growing compliance and security demands require that many customers use multifactor authentication (MFA). In addition, current best practices discourage including user passwords directly in connection strings. To support these changes, .NET Framework 4.7.2 extends SQLClient connection strings by adding a new value, "Active Directory Interactive", for the existing "Authentication" keyword to support MFA and Azure AD Authentication. The new interactive method supports native and federated Azure AD users as well as Azure AD guest users. When this method is used, the MFA authentication imposed by Azure AD is supported for SQL databases. In addition, the authentication process requests a user password to adhere to security best practices.
In previous versions of .NET Framework, SQL connectivity supported only the SqlAuthenticationMethod.ActiveDirectoryPassword and SqlAuthenticationMethod.ActiveDirectoryIntegrated options. Both of these are part of the non-interactive ADAL protocol, which does not support MFA. With the new SqlAuthenticationMethod.ActiveDirectoryInteractive option, SQL connectivity supports MFA as well as existing authentication methods (password and integrated authentication), which allows users to enter user passwords interactively without persisting passwords in the connection string.
For more information and an example, see "SQL -- Azure AD Universal and Multifactor Authentication Support" in the .NET Blog.
Support for Always Encrypted version 2
NET Framework 4.7.2 adds supports for enclave-based Always Encrypted. The original version of Always Encrypted is a client-side encryption technology in which encryption keys never leave the client. In enclave-based Always Encrypted, the client can optionally send the encryption keys to a secure enclave, which is a secure computational entity that can be considered part of SQL Server but that SQL Server code cannot tamper with. To support enclave-based Always Encrypted, .NET Framework 4.7.2 adds the following types and members to the System.Data.SqlClient namespace:
SqlConnectionStringBuilder.EnclaveAttestationUrl, which specifies the Uri for enclave-based Always Encrypted.
SqlColumnEncryptionEnclaveProvider, which is an abstract class from which all enclave providers are derived.
SqlEnclaveSession, which encapsulates the state for a given enclave session.
SqlEnclaveAttestationParameters, which provides the attestation parameters used by SQL Server to get information required to execute a particular Attestation Protocol.
The application configuration file then specifies a concrete implementation of the abstract System.Data.SqlClient.SqlColumnEncryptionEnclaveProvider class that provides the functionality for the enclave provider. For example:
<configuration>
<configSections>
<section name="SqlColumnEncryptionEnclaveProviders" type="System.Data.SqlClient.SqlColumnEncryptionEnclaveProviderConfigurationSection,System.Data,Version=4.0.0.0,Culture=neutral,PublicKeyToken=b77a5c561934e089"/>
</configSections>
<SqlColumnEncryptionEnclaveProviders>
<providers>
<add name="Azure" type="Microsoft.SqlServer.Management.AlwaysEncrypted.AzureEnclaveProvider,MyApp"/>
<add name="HGS" type="Microsoft.SqlServer.Management.AlwaysEncrypted.HGSEnclaveProvider,MyApp" />
</providers>
</SqlColumnEncryptionEnclaveProviders >
</configuration>
The basic flow of enclave-based Always Encrypted is:
The user creates an AlwaysEncrypted connection to SQL Server that supported enclave-based Always Encrypted. The driver contacts the attestation service to ensure that it is connecting to right enclave.
Once the enclave has been attested, the driver establishes a secure channel with the secure enclave hosted on SQL Server.
The driver shares encryption keys authorized by the client with the secure enclave for the duration of the SQL connection.
Windows Presentation Foundation
Finding ResourceDictionaries by Source
Starting with .NET Framework 4.7.2, a diagnostic assistant can locate the ResourceDictionaries that have been created from a given source Uri. (This feature is for use by diagnostic assistants, not by production applications.) A diagnostic assistant such as Visual Studio's "Edit-and-Continue" facility lets its user edit a ResourceDictionary with the intent that the changes be applied to the running application. One step in achieving this is finding all the ResourceDictionaries that the running application has created from the dictionary that's being edited. For example, an application can declare a ResourceDictionary whose content is copied from a given source URI:
<ResourceDictionary Source="MyRD.xaml" />
A diagnostic assistant that edits the original markup in MyRD.xaml can use the new feature to locate the dictionary. The feature is implemented by a new static method, ResourceDictionaryDiagnostics.GetResourceDictionariesForSource. The diagnostic assistant calls the new method using an absolute Uri that identifies the original markup, as illustrated by the following code:
IEnumerable<ResourceDictionary> dictionaries = ResourceDictionaryDiagnostics.GetResourceDictionariesForSource(new Uri("pack://application:,,,/MyApp;component/MyRD.xaml"));
Dim dictionaries As IEnumerable(Of ResourceDictionary) = ResourceDictionaryDiagnostics.GetResourceDictionariesForSource(New Uri("pack://application:,,,/MyApp;component/MyRD.xaml"))
The method returns an empty enumerable unless VisualDiagnostics is enabled and the ENABLE_XAML_DIAGNOSTICS_SOURCE_INFO
environment variable is set.
Finding ResourceDictionary owners
Starting with .NET Framework 4.7.2, a diagnostic assistant can locate the owners of a given ResourceDictionary. (The feature is for use by diagnostic assistants and not by production applications.) Whenever a change is made to a ResourceDictionary, WPF automatically finds all DynamicResource references that might be affected by the change.
A diagnostic assistant such as Visual Studio's "Edit-and-Continue" facility may want to extend this to handle StaticResource references. The first step in this process is to find the owners of the dictionary; that is, to find all the objects whose Resources
property refers to the dictionary (either directly, or indirectly via the ResourceDictionary.MergedDictionaries property). Three new static methods implemented on the System.Windows.Diagnostics.ResourceDictionaryDiagnostics class, one for each of the base types that has a Resources
property, support this step:
These methods return an empty enumerable unless VisualDiagnostics is enabled and the ENABLE_XAML_DIAGNOSTICS_SOURCE_INFO
environment variable is set.
Finding StaticResource references
A diagnostic assistant can now receive a notification whenever a StaticResource reference is resolved. (The feature is for use by diagnostic assistants, not by production applications.) A diagnostic assistant such as Visual Studio's "Edit-and-Continue" facility may want to update all uses of a resource when its value in a ResourceDictionary changes. WPF does this automatically for DynamicResource references, but it intentionally does not do so for StaticResource references. Starting with .NET Framework 4.7.2, the diagnostic assistant can use these notifications to locate those uses of the static resource.
The notification is implemented by the new ResourceDictionaryDiagnostics.StaticResourceResolved event:
public static event EventHandler<StaticResourceResolvedEventArgs> StaticResourceResolved;
Public Shared Event StaticResourceResolved As EventHandler(Of StaticResourceResolvedEventArgs)
This event is raised whenever the runtime resolves a StaticResource reference. The StaticResourceResolvedEventArgs arguments describe the resolution, and indicate the object and property that host the StaticResource reference and the ResourceDictionary and key used for the resolution:
public class StaticResourceResolvedEventArgs : EventArgs
{
public Object TargetObject { get; }
public Object TargetProperty { get; }
public ResourceDictionary ResourceDictionary { get; }
public object ResourceKey { get; }
}
Public Class StaticResourceResolvedEventArgs : Inherits EventArgs
Public ReadOnly Property TargetObject As Object
Public ReadOnly Property TargetProperty As Object
Public ReadOnly Property ResourceDictionary As ResourceDictionary
Public ReadOnly Property ResourceKey As Object
End Class
The event is not raised (and its add
accessor is ignored) unless VisualDiagnostics is enabled and the ENABLE_XAML_DIAGNOSTICS_SOURCE_INFO
environment variable is set.
ClickOnce
HDPI-aware applications for Windows Forms, Windows Presentation Foundation (WPF), and Visual Studio Tools for Office (VSTO) can all be deployed by using ClickOnce. If the following entry is found in the application manifest, deployment will succeed under .NET Framework 4.7.2:
<windowsSettings>
<dpiAware xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">true</dpiAware>
</windowsSettings>
For Windows Forms application, the previous workaround of setting DPI awareness in the application configuration file rather than the application manifest is no longer necessary for ClickOnce deployment to succeed.
What's new in .NET Framework 4.7.1
.NET Framework 4.7.1 includes new features in the following areas:
In addition, a major focus in .NET Framework 4.7.1 is improved accessibility, which allows an application to provide an appropriate experience for users of Assistive Technology. For information on accessibility improvements in .NET Framework 4.7.1, see What's new in accessibility in .NET Framework.
Base classes
Support for .NET Standard 2.0
.NET Standard defines a set of APIs that must be available on each .NET implementation that supports that version of the standard. .NET Framework 4.7.1 fully supports .NET Standard 2.0 and adds about 200 APIs that are defined in .NET Standard 2.0 and are missing from .NET Framework 4.6.1, 4.6.2, and 4.7. (Note that these versions of .NET Framework support .NET Standard 2.0 only if additional .NET Standard support files are also deployed on the target system.) For more information, see "BCL - .NET Standard 2.0 Support" in the .NET Framework 4.7.1 Runtime and Compiler Features blog post.
Support for configuration builders
Configuration builders allow developers to inject and build configuration settings for applications dynamically at run time. Custom configuration builders can be used to modify existing data in a configuration section or to build a configuration section entirely from scratch. Without configuration builders, .config files are static, and their settings are defined some time before an application is launched.
To create a custom configuration builder, you derive your builder from the abstract ConfigurationBuilder class and override its ConfigurationBuilder.ProcessConfigurationSection and ConfigurationBuilder.ProcessRawXml. You also define your builders in your .config file. For more information, see the "Configuration Builders" section in the .NET Framework 4.7.1 ASP.NET and Configuration Features blog post.
Run-time feature detection
The System.Runtime.CompilerServices.RuntimeFeature class provides a mechanism for determine whether a predefined feature is supported on a given .NET implementation at compile time or run time. At compile time, a compiler can check whether a specified field exists to determine whether the feature is supported; if so, it can emit code that takes advantage of that feature. At run time, an application can call the RuntimeFeature.IsSupported method before emitting code at run time. For more information, see Add helper method to describe features supported by the runtime.
Value tuple types are serializable
Starting with .NET Framework 4.7.1, System.ValueTuple and its associated generic types are marked as Serializable, which allows binary serialization. This should make migrating Tuple types, such as Tuple<T1,T2,T3> and Tuple<T1,T2,T3,T4>, to value tuple types easier. For more information, see "Compiler -- ValueTuple is Serializable" in the .NET Framework 4.7.1 Runtime and Compiler Features blog post.
Support for read-only references
.NET Framework 4.7.1 adds the System.Runtime.CompilerServices.IsReadOnlyAttribute. This attribute is used by language compilers to mark members that have read-only ref return types or parameters. For more information, see "Compiler -- Support for ReadOnlyReferences" in the .NET Framework 4.7.1 Runtime and Compiler Features blog post. For information on ref return values, see Ref return values and ref locals and Ref return values (Visual Basic).
Common language runtime (CLR)
Garbage collection performance improvements
Changes to garbage collection (GC) in .NET Framework 4.7.1 improve overall performance, especially for large object heap (LOH) allocations. In .NET Framework 4.7.1, separate locks are used for small object heap (SOH) and LOH allocations, which allows LOH allocations to occur when background GC is sweeping the SOH. As a result, applications that make a large number of LOH allocations should see a reduction in allocation lock contention and improved performance. For more information, see the "Runtime -- GC Performance Improvements" section in the .NET Framework 4.7.1 Runtime and Compiler Features blog post.
Networking
SHA-2 support for Message.HashAlgorithm
In .NET Framework 4.7 and earlier versions, the Message.HashAlgorithm property supported values of HashAlgorithm.Md5 and HashAlgorithm.Sha only. Starting with .NET Framework 4.7.1, HashAlgorithm.Sha256, HashAlgorithm.Sha384, and HashAlgorithm.Sha512 are also supported. Whether this value is actually used depends on MSMQ, since the Message instance itself does no hashing but simply passes on values to MSMQ. For more information, see the "SHA-2 support for Message.HashAlgorithm" section in the .NET Framework 4.7.1 ASP.NET and Configuration features blog post.
ASP.NET
Execution steps in ASP.NET applications
ASP.NET processes requests in a predefined pipeline that includes 23 events. ASP.NET executes each event handler as an execution step. In versions of ASP.NET up to .NET Framework 4.7, ASP.NET can't flow the execution context due to switching between native and managed threads. Instead, ASP.NET selectively flows only the HttpContext. Starting with .NET Framework 4.7.1, the HttpApplication.OnExecuteRequestStep(Action<HttpContextBase,Action>) method also allows modules to restore ambient data. This feature is targeted at libraries concerned with tracing, profiling, diagnostics, or transactions, for example, that care about the execution flow of the application. For more information, see the "ASP.NET Execution Step Feature" in the .NET Framework 4.7.1 ASP.NET and Configuration Features blog post.
ASP.NET HttpCookie parsing
.NET Framework 4.7.1 includes a new method, HttpCookie.TryParse, that provides a standardized way to create an HttpCookie object from a string and accurately assign cookie values such as expiration date and path. For more information, see "ASP.NET HttpCookie parsing" in the .NET Framework 4.7.1 ASP.NET and Configuration Features blog post.
SHA-2 hash options for ASP.NET forms authentication credentials
In .NET Framework 4.7 and earlier versions, ASP.NET allowed developers to store user credentials with hashed passwords in configuration files using either MD5 or SHA1. Starting with .NET Framework 4.7.1, ASP.NET also supports new secure SHA-2 hash options such as SHA256, SHA384, and SHA512. SHA1 remains the default, and a non-default hash algorithm can be defined in the web configuration file.
Important
Microsoft recommends that you use the most secure authentication flow available. If you're connecting to Azure SQL, Managed Identities for Azure resources is the recommended authentication method.
What's new in .NET Framework 4.7
.NET Framework 4.7 includes new features in the following areas:
- Base classes
- Networking
- ASP.NET
- Windows Communication Foundation (WCF)
- Windows Forms
- Windows Presentation Foundation (WPF)
For a list of new APIs added to .NET Framework 4.7, see .NET Framework 4.7 API Changes on GitHub. For a list of feature improvements and bug fixes in .NET Framework 4.7, see .NET Framework 4.7 List of Changes on GitHub. For more information, see Announcing .NET Framework 4.7 in the .NET blog.
Base classes
.NET Framework 4.7 improves serialization by the DataContractJsonSerializer:
Enhanced functionality with Elliptic Curve Cryptography (ECC)*
In .NET Framework 4.7, ImportParameters(ECParameters)
methods were added to the ECDsa and ECDiffieHellman classes to allow for an object to represent an already-established key. An ExportParameters(Boolean)
method was also added for exporting the key using explicit curve parameters.
.NET Framework 4.7 also adds support for additional curves (including the Brainpool curve suite), and has added predefined definitions for ease-of-creation through the new Create and Create factory methods.
You can see an example of .NET Framework 4.7 cryptography improvements on GitHub.
Better support for control characters by the DataContractJsonSerializer
In .NET Framework 4.7, the DataContractJsonSerializer class serializes control characters in conformity with the ECMAScript 6 standard. This behavior is enabled by default for applications that target .NET Framework 4.7, and is an opt-in feature for applications that are running under .NET Framework 4.7 but target a previous version of .NET Framework. For more information, see the Application compatibility section.
Networking
.NET Framework 4.7 adds the following network-related feature:
Default operating system support for TLS protocols*
The TLS stack, which is used by System.Net.Security.SslStream and up-stack components such as HTTP, FTP, and SMTP, allows developers to use the default TLS protocols supported by the operating system. Developers need no longer hard-code a TLS version.
ASP.NET
In .NET Framework 4.7, ASP.NET includes the following new features:
Object Cache Extensibility
Starting with .NET Framework 4.7, ASP.NET adds a new set of APIs that allow developers to replace the default ASP.NET implementations for in-memory object caching and memory monitoring. Developers can now replace any of the following three components if the ASP.NET implementation is not adequate:
Object Cache Store. By using the new cache providers configuration section, developers can plug in new implementations of an object cache for an ASP.NET application by using the new ICacheStoreProvider interface.
Memory monitoring. The default memory monitor in ASP.NET notifies applications when they are running close to the configured private bytes limit for the process, or when the machine is low on total available physical RAM. When these limits are near, notifications are fired. For some applications, notifications are fired too close to the configured limits to allow for useful reactions. Developers can now write their own memory monitors to replace the default by using the ApplicationMonitors.MemoryMonitor property.
Memory Limit Reactions. By default, ASP.NET attempts to trim the object cache and periodically call GC.Collect when the private byte process limit is near. For some applications, the frequency of calls to GC.Collect or the amount of cache that is trimmed are inefficient. Developers can now replace or supplement the default behavior by subscribing IObserver implementations to the application's memory monitor.
Windows Communication Foundation (WCF)
Windows Communication Foundation (WCF) adds the following features and changes:
Ability to configure the default message security settings to TLS 1.1 or TLS 1.2
Starting with .NET Framework 4.7, WCF allows you to configure TLS 1.1 or TLS 1.2 in addition to SSL 3.0 and TLS 1.0 as the default message security protocol. This is an opt-in setting; to enable it, you must add the following entry to your application configuration file:
<runtime>
<AppContextSwitchOverrides value="Switch.System.ServiceModel.DisableUsingServicePointManagerSecurityProtocols=false;Switch.System.Net.DontEnableSchUseStrongCrypto=false" />
</runtime>
Improved reliability of WCF applications and WCF serialization
WCF includes a number of code changes that eliminate race conditions, thereby improving performance and the reliability of serialization options. These include:
- Better support for mixing asynchronous and synchronous code in calls to SocketConnection.BeginRead and SocketConnection.Read.
- Improved reliability when aborting a connection with SharedConnectionListener and DuplexChannelBinder.
- Improved reliability of serialization operations when calling the FormatterServices.GetSerializableMembers(Type) method.
- Improved reliability when removing a waiter by calling the ChannelSynchronizer.RemoveWaiter method.
Windows Forms
In .NET Framework 4.7, Windows Forms improves support for high DPI monitors.
High DPI support
Starting with applications that target .NET Framework 4.7, .NET Framework features high DPI and dynamic DPI support for Windows Forms applications. High DPI support improves the layout and appearance of forms and controls on high DPI monitors. Dynamic DPI changes the layout and appearance of forms and controls when the user changes the DPI or display scale factor of a running application.
High DPI support is an opt-in feature that you configure by defining a <System.Windows.Forms.ConfigurationSection> section in your application configuration file. For more information on adding high DPI support and dynamic DPI support to your Windows Forms application, see High DPI Support in Windows Forms.
Windows Presentation Foundation (WPF)
In .NET Framework 4.7, WPF includes the following enhancements:
Support for a touch/stylus stack based on Windows WM_POINTER messages
You now have the option of using a touch/stylus stack based on WM_POINTER messages instead of the Windows Ink Services Platform (WISP). This is an opt-in feature in .NET Framework. For more information, see the Application compatibility section.
New implementation for WPF printing APIs
WPF's printing APIs in the System.Printing.PrintQueue class call the Windows Print Document Package API instead of the deprecated XPS Print API. For the impact of this change on application compatibility, see the Application compatibility section.
What's new in .NET Framework 4.6.2
.NET Framework 4.6.2 includes new features in the following areas:
For a list of new APIs added to .NET Framework 4.6.2, see .NET Framework 4.6.2 API Changes on GitHub. For a list of feature improvements and bug fixes in .NET Framework 4.6.2, see .NET Framework 4.6.2 List of Changes on GitHub. For more information, see Announcing .NET Framework 4.6.2 in the .NET blog.
ASP.NET
In .NET Framework 4.6.2, ASP.NET includes the following enhancements:
Improved support for localized error messages in data annotation validators
Data annotation validators enable you to perform validation by adding one or more attributes to a class property. The attribute's ValidationAttribute.ErrorMessage element defines the text of the error message if validation fails. Starting with .NET Framework 4.6.2, ASP.NET makes it easy to localize error messages. Error messages will be localized if:
The ValidationAttribute.ErrorMessage is provided in the validation attribute.
The resource file is stored in the App_LocalResources folder.
The name of the localized resources file has the form
DataAnnotation.Localization.{
name}.resx
, where name is a culture name in the format languageCode-
country/regionCode or languageCode.The key name of the resource is the string assigned to the ValidationAttribute.ErrorMessage attribute, and its value is the localized error message.
For example, the following data annotation attribute defines the default culture's error message for an invalid rating.
public class RatingInfo
{
[Required(ErrorMessage = "The rating must be between 1 and 10.")]
[Display(Name = "Your Rating")]
public int Rating { get; set; }
}
Public Class RatingInfo
<Required(ErrorMessage = "The rating must be between 1 and 10.")>
<Display(Name = "Your Rating")>
Public Property Rating As Integer = 1
End Class
You can then create a resource file, DataAnnotation.Localization.fr.resx, whose key is the error message string and whose value is the localized error message. The file must be found in the App.LocalResources
folder. For example, the following is the key and its value in a localized French (fr) language error message:
Name | Value |
---|---|
The rating must be between 1 and 10. | La note doit être comprise entre 1 et 10. |
In addition, data annotation localization is extensible. Developers can plug in their own string localizer provider by implementing the IStringLocalizerProvider interface to store localization string somewhere other than in a resource file.
Async support with session-state store providers
ASP.NET now allows task-returning methods to be used with session-state store providers, thereby allowing ASP.NET apps to get the scalability benefits of async. To support asynchronous operations with session state store providers, ASP.NET includes a new interface, System.Web.SessionState.ISessionStateModule, which inherits from IHttpModule and allows developers to implement their own session-state module and async session store providers. The interface is defined as follows:
public interface ISessionStateModule : IHttpModule {
void ReleaseSessionState(HttpContext context);
Task ReleaseSessionStateAsync(HttpContext context);
}
Public Interface ISessionStateModule : Inherits IHttpModule
Sub ReleaseSessionState(context As HttpContext)
Function ReleaseSessionStateAsync(context As HttpContext) As Task
End Interface
In addition, the SessionStateUtility class includes two new methods, IsSessionStateReadOnly and IsSessionStateRequired, that can be used to support asynchronous operations.
Async support for output-cache providers
Starting with .NET Framework 4.6.2, task-returning methods can be used with output-cache providers to provide the scalability benefits of async. Providers that implement these methods reduce thread-blocking on a web server and improve the scalability of an ASP.NET service.
The following APIs have been added to support asynchronous output-cache providers:
The System.Web.Caching.OutputCacheProviderAsync class, which inherits from System.Web.Caching.OutputCacheProvider and allows developers to implement an asynchronous output-cache provider.
The OutputCacheUtility class, which provides helper methods for configuring the output cache.
18 new methods in the System.Web.HttpCachePolicy class. These include GetCacheability, GetCacheExtensions, GetETag, GetETagFromFileDependencies, GetMaxAge, GetMaxAge, GetNoStore, GetNoTransforms, GetOmitVaryStar, GetProxyMaxAge, GetRevalidation, GetUtcLastModified, GetVaryByCustom, HasSlidingExpiration, and IsValidUntilExpires.
2 new methods in the System.Web.HttpCacheVaryByContentEncodings class: GetContentEncodings and SetContentEncodings.
2 new methods in the System.Web.HttpCacheVaryByHeaders class: GetHeaders and SetHeaders.
2 new methods in the System.Web.HttpCacheVaryByParams class: GetParams and SetParams.
In the System.Web.Caching.AggregateCacheDependency class, the GetFileDependencies method.
In the CacheDependency, the GetFileDependencies method.
Character categories
Characters in .NET Framework 4.6.2 are classified based on the Unicode Standard, Version 8.0.0. In .NET Framework 4.6 and .NET Framework 4.6.1, characters were classified based on Unicode 6.3 character categories.
Support for Unicode 8.0 is limited to the classification of characters by the CharUnicodeInfo class and to types and methods that rely on it. These include the StringInfo class, the overloaded Char.GetUnicodeCategory method, and the character classes recognized by the .NET Framework regular expression engine. Character and string comparison and sorting is unaffected by this change and continues to rely on the underlying operating system or, on Windows 7 systems, on character data provided by .NET Framework.
For changes in character categories from Unicode 6.0 to Unicode 7.0, see The Unicode Standard, Version 7.0.0 at The Unicode Consortium website. For changes from Unicode 7.0 to Unicode 8.0, see The Unicode Standard, Version 8.0.0 at The Unicode Consortium website.
Cryptography
Support for X509 certificates containing FIPS 186-3 DSA
.NET Framework 4.6.2 adds support for DSA (Digital Signature Algorithm) X509 certificates whose keys exceed the FIPS 186-2 1024-bit limit.
In addition to supporting the larger key sizes of FIPS 186-3, .NET Framework 4.6.2 allows computing signatures with the SHA-2 family of hash algorithms (SHA256, SHA384, and SHA512). FIPS 186-3 support is provided by the new System.Security.Cryptography.DSACng class.
In keeping with recent changes to the RSA class in .NET Framework 4.6 and the ECDsa class in .NET Framework 4.6.1, the DSA abstract base class in .NET Framework 4.6.2 has additional methods to allow callers to use this functionality without casting. You can call the DSACertificateExtensions.GetDSAPrivateKey extension method to sign data, as the following example shows.
public static byte[] SignDataDsaSha384(byte[] data, X509Certificate2 cert)
{
using (DSA dsa = cert.GetDSAPrivateKey())
{
return dsa.SignData(data, HashAlgorithmName.SHA384);
}
}
Public Shared Function SignDataDsaSha384(data As Byte(), cert As X509Certificate2) As Byte()
Using DSA As DSA = cert.GetDSAPrivateKey()
Return DSA.SignData(data, HashAlgorithmName.SHA384)
End Using
End Function
And you can call the DSACertificateExtensions.GetDSAPublicKey extension method to verify signed data, as the following example shows.
public static bool VerifyDataDsaSha384(byte[] data, byte[] signature, X509Certificate2 cert)
{
using (DSA dsa = cert.GetDSAPublicKey())
{
return dsa.VerifyData(data, signature, HashAlgorithmName.SHA384);
}
}
Public Shared Function VerifyDataDsaSha384(data As Byte(), signature As Byte(), cert As X509Certificate2) As Boolean
Using dsa As DSA = cert.GetDSAPublicKey()
Return dsa.VerifyData(data, signature, HashAlgorithmName.SHA384)
End Using
End Function
Increased clarity for inputs to ECDiffieHellman key derivation routines
.NET Framework 3.5 added support for Elliptic Curve Diffie-Hellman Key Agreement with three different Key Derivation Function (KDF) routines. The inputs to the routines, and the routines themselves, were configured via properties on the ECDiffieHellmanCng object. But since not every routine read every input property, there was ample room for confusion on the past of the developer.
To address this in .NET Framework 4.6.2, the following three methods have been added to the ECDiffieHellman base class to more clearly represent these KDF routines and their inputs:
ECDiffieHellman method | Description |
---|---|
DeriveKeyFromHash(ECDiffieHellmanPublicKey, HashAlgorithmName, Byte[], Byte[]) | Derives key material using the formula HASH(secretPrepend || x || secretAppend) HASH(secretPrepend OrElse x OrElse secretAppend) where x is the computed result of the EC Diffie-Hellman algorithm. |
DeriveKeyFromHmac(ECDiffieHellmanPublicKey, HashAlgorithmName, Byte[], Byte[], Byte[]) | Derives key material using the formula HMAC(hmacKey, secretPrepend || x || secretAppend) HMAC(hmacKey, secretPrepend OrElse x OrElse secretAppend) where x is the computed result of the EC Diffie-Hellman algorithm. |
DeriveKeyTls(ECDiffieHellmanPublicKey, Byte[], Byte[]) | Derives key material using the TLS pseudo-random function (PRF) derivation algorithm. |
Support for persisted-key symmetric encryption
The Windows cryptography library (CNG) added support for storing persisted symmetric keys and using hardware-stored symmetric keys, and .NET Framework 4.6.2 made it possible for developers to make use of this feature. Since the notion of key names and key providers is implementation-specific, using this feature requires utilizing the constructor of the concrete implementation types instead of the preferred factory approach (such as calling Aes.Create
).
Persisted-key symmetric encryption support exists for the AES (AesCng) and 3DES (TripleDESCng) algorithms. For example:
public static byte[] EncryptDataWithPersistedKey(byte[] data, byte[] iv)
{
using (Aes aes = new AesCng("AesDemoKey", CngProvider.MicrosoftSoftwareKeyStorageProvider))
{
aes.IV = iv;
// Using the zero-argument overload is required to make use of the persisted key
using (ICryptoTransform encryptor = aes.CreateEncryptor())
{
if (!encryptor.CanTransformMultipleBlocks)
{
throw new InvalidOperationException("This is a sample, this case wasn't handled...");
}
return encryptor.TransformFinalBlock(data, 0, data.Length);
}
}
}
Public Shared Function EncryptDataWithPersistedKey(data As Byte(), iv As Byte()) As Byte()
Using Aes As Aes = New AesCng("AesDemoKey", CngProvider.MicrosoftSoftwareKeyStorageProvider)
Aes.IV = iv
' Using the zero-argument overload Is required to make use of the persisted key
Using encryptor As ICryptoTransform = Aes.CreateEncryptor()
If Not encryptor.CanTransformMultipleBlocks Then
Throw New InvalidOperationException("This is a sample, this case wasn't handled...")
End If
Return encryptor.TransformFinalBlock(data, 0, data.Length)
End Using
End Using
End Function
SignedXml support for SHA-2 hashing
.NET Framework 4.6.2 adds support to the SignedXml class for RSA-SHA256, RSA-SHA384, and RSA-SHA512 PKCS#1 signature methods, and SHA256, SHA384, and SHA512 reference digest algorithms.
The URI constants are all exposed on SignedXml:
SignedXml field | Constant |
---|---|
XmlDsigSHA256Url | "http://www.w3.org/2001/04/xmlenc#sha256" |
XmlDsigRSASHA256Url | "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" |
XmlDsigSHA384Url | "http://www.w3.org/2001/04/xmldsig-more#sha384" |
XmlDsigRSASHA384Url | "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" |
XmlDsigSHA512Url | "http://www.w3.org/2001/04/xmlenc#sha512" |
XmlDsigRSASHA512Url | "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" |
Any programs that have registered a custom SignatureDescription handler into CryptoConfig to add support for these algorithms will continue to function as they did in the past, but since there are now platform defaults, the CryptoConfig registration is no longer necessary.
SqlClient
.NET Framework Data Provider for SQL Server (System.Data.SqlClient) includes the following new features in .NET Framework 4.6.2:
Connection pooling and timeouts with Azure SQL databases
When connection pooling is enabled and a timeout or other login error occurs, an exception is cached, and the cached exception is thrown on any subsequent connection attempt for the next 5 seconds to 1 minute. For more information, see SQL Server Connection Pooling (ADO.NET).
This behavior is not desirable when connecting to Azure SQL Databases, since connection attempts can fail with transient errors that are typically recovered quickly. To better optimize the connection retry experience, the connection pool blocking period behavior is removed when connections to Azure SQL Databases fail.
The addition of the new PoolBlockingPeriod
keyword lets you select the blocking period best suited for your app. Values include:
The connection pool blocking period for an application that connects to an Azure SQL Database is disabled, and the connection pool blocking period for an application that connects to any other SQL Server instance is enabled. This is the default value. If the Server endpoint name ends with any of the following, they are considered Azure SQL Databases:
.database.windows.net
.database.chinacloudapi.cn
.database.usgovcloudapi.net
.database.cloudapi.de
The connection pool blocking period is always enabled.
The connection pool blocking period is always disabled.
Enhancements for Always Encrypted
SQLClient introduces two enhancements for Always Encrypted:
To improve performance of parameterized queries against encrypted database columns, encryption metadata for query parameters is now cached. With the SqlConnection.ColumnEncryptionQueryMetadataCacheEnabled property set to
true
(which is the default value), if the same query is called multiple times, the client retrieves parameter metadata from the server only once.Column encryption key entries in the key cache are now evicted after a configurable time interval, set using the SqlConnection.ColumnEncryptionKeyCacheTtl property.
Windows Communication Foundation
In .NET Framework 4.6.2, Windows Communication Foundation has been enhanced in the following areas:
WCF transport security support for certificates stored using CNG
WCF transport security supports certificates stored using the Windows cryptography library (CNG). In .NET Framework 4.6.2, this support is limited to using certificates with a public key that has an exponent no more than 32 bits in length. When an application targets .NET Framework 4.6.2, this feature is on by default.
For applications that target .NET Framework 4.6.1 and earlier but are running on .NET Framework 4.6.2, this feature can be enabled by adding the following line to the <runtime> section of the app.config or web.config file.
<AppContextSwitchOverrides
value="Switch.System.IdentityModel.DisableCngCertificates=false"
/>
This can also be done programmatically with code like the following:
private const string DisableCngCertificates = @"Switch.System.IdentityModel.DisableCngCertificates";
AppContext.SetSwitch(disableCngCertificates, false);
Const DisableCngCertificates As String = "Switch.System.IdentityModel.DisableCngCertificates"
AppContext.SetSwitch(disableCngCertificates, False)
Better support for multiple daylight saving time adjustment rules by the DataContractJsonSerializer class
Customers can use an application configuration setting to determine whether the DataContractJsonSerializer class supports multiple adjustment rules for a single time zone. This is an opt-in feature. To enable it, add the following setting to your app.config file:
<runtime>
<AppContextSwitchOverrides value="Switch.System.Runtime.Serialization.DoNotUseTimeZoneInfo=false" />
</runtime>
When this feature is enabled, a DataContractJsonSerializer object uses the TimeZoneInfo type instead of the TimeZone type to deserialize date and time data. TimeZoneInfo supports multiple adjustment rules, which makes it possible to work with historic time zone data; TimeZone does not.
For more information on the TimeZoneInfo structure and time zone adjustments, see Time Zone Overview.
NetNamedPipeBinding best match
WCF has a new app setting that can be set on client applications to ensure they always connect to the service listening on the URI that best matches the one that they request. With this app setting set to false
(the default), it is possible for clients using NetNamedPipeBinding to attempt to connect to a service listening on a URI that is a substring of the requested URI.
For example, a client tries to connect to a service listening at net.pipe://localhost/Service1
, but a different service on that machine running with administrator privilege is listening at net.pipe://localhost
. With this app setting set to false
, the client would attempt to connect to the wrong service. After setting the app setting to true
, the client will always connect to the best matching service.
Note
Clients using NetNamedPipeBinding find services based on the service's base address (if it exists) rather than the full endpoint address. To ensure this setting always works the service should use a unique base address.
To enable this change, add the following app setting to your client application's App.config or Web.config file:
<configuration>
<appSettings>
<add key="wcf:useBestMatchNamedPipeUri" value="true" />
</appSettings>
</configuration>
SSL 3.0 is not a default protocol
When using NetTcp with transport security and a credential type of certificate, SSL 3.0 is no longer a default protocol used for negotiating a secure connection. In most cases, there should be no impact to existing apps, because TLS 1.0 is included in the protocol list for NetTcp. All existing clients should be able to negotiate a connection using at least TLS 1.0. If Ssl3 is required, use one of the following configuration mechanisms to add it to the list of negotiated protocols.
The SslStreamSecurityBindingElement.SslProtocols property
The TcpTransportSecurity.SslProtocols property
The <transport> section of the <netTcpBinding> section
The <sslStreamSecurity> section of the <customBinding> section
Windows Presentation Foundation (WPF)
In .NET Framework 4.6.2, Windows Presentation Foundation has been enhanced in the following areas:
Group sorting
An application that uses a CollectionView object to group data can now explicitly declare how to sort the groups. Explicit sorting addresses the problem of non-intuitive ordering that occurs when an app dynamically adds or removes groups, or when it changes the value of item properties involved in grouping. It can also improve the performance of the group creation process by moving comparisons of the grouping properties from the sort of the full collection to the sort of the groups.
To support group sorting, the new GroupDescription.SortDescriptions and GroupDescription.CustomSort properties describe how to sort the collection of groups produced by the GroupDescription object. This is analogous to the way the identically named ListCollectionView properties describe how to sort the data items.
Two new static properties of the PropertyGroupDescription class, CompareNameAscending and CompareNameDescending, can be used for the most common cases.
For example, the following XAML groups data by age, sort the age groups in ascending order, and group the items within each age group by last name.
<GroupDescriptions>
<PropertyGroupDescription
PropertyName="Age"
CustomSort=
"{x:Static PropertyGroupDescription.CompareNamesAscending}"/>
</PropertyGroupDescription>
</GroupDescriptions>
<SortDescriptions>
<SortDescription PropertyName="LastName"/>
</SortDescriptions>
Touch keyboard support
Touch keyboard support enables focus tracking in WPF applications by automatically invoking and dismissing the touch Keyboard in Windows 10 when the touch input is received by a control that can take textual input.
In previous versions of .NET Framework, WPF applications can't opt in to the focus tracking without disabling WPF pen/touch gesture support. As a result, WPF applications must choose between full WPF touch support or rely on Windows mouse promotion.
Per-monitor DPI
To support the recent proliferation of high-DPI and hybrid-DPI environments for WPF apps, WPF in .NET Framework 4.6.2 enables per-monitor awareness. See the samples and developer guide on GitHub for more information about how to enable your WPF app to become per-monitor DPI aware.
In previous versions of .NET Framework, WPF apps are system-DPI aware. In other words, the application's UI is scaled by the OS as appropriate, depending on the DPI of the monitor on which the app is rendered.
For apps running under .NET Framework 4.6.2, you can disable per-monitor DPI changes in WPF apps by adding a configuration statement to the <runtime> section of your application configuration file, as follows:
<runtime>
<AppContextSwitchOverrides value="Switch.System.Windows.DoNotScaleForDpiChanges=false"/>
</runtime>
Windows Workflow Foundation (WF)
In .NET Framework 4.6.2, Windows Workflow Foundation has been enhanced in the following area:
Support for C# expressions and IntelliSense in the Rehosted WF Designer
Starting with .NET Framework 4.5, WF supports C# expressions in both the Visual Studio Designer and in code workflows. The Rehosted Workflow Designer is a key feature of WF that allows for the Workflow Designer to be in an application outside Visual Studio (for example, in WPF). Windows Workflow Foundation provides the ability to support C# expressions and IntelliSense in the Rehosted Workflow Designer. For more information, see the Windows Workflow Foundation blog.
Availability of IntelliSense when a customer rebuilds a workflow project from Visual Studio
In versions of the .NET Framework prior to 4.6.2, WF Designer IntelliSense is broken when a customer rebuilds a workflow project from Visual Studio. While the project build is successful, the workflow types are not found on the designer, and warnings from IntelliSense for the missing workflow types appear in the Error List window. .NET Framework 4.6.2 addresses this issue and makes IntelliSense available.
Workflow V1 applications with Workflow Tracking on now run under FIPS-mode
Machines with FIPS Compliance Mode enabled can now successfully run a workflow Version 1-style application with Workflow tracking on. To enable this scenario, you must make the following change to your app.config file:
<add key="microsoft:WorkflowRuntime:FIPSRequired" value="true" />
If this scenario is not enabled, running the application continues to generate an exception with the message, "This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms."
Workflow Improvements when using Dynamic Update with Visual Studio Workflow Designer
The Workflow Designer, FlowChart Activity Designer, and other Workflow Activity Designers now successfully load and display workflows that have been saved after calling the DynamicUpdateServices.PrepareForUpdate method. In versions of the .NET Framework before .NET Framework 4.6.2, loading a XAML file in Visual Studio for a workflow that has been saved after calling DynamicUpdateServices.PrepareForUpdate can result in the following issues:
The Workflow Designer can't load the XAML file correctly (when the ViewStateData.Id is at the end of the line).
Flowchart Activity Designer or other Workflow Activity Designers may display all objects in their default locations as opposed to attached property values.
ClickOnce
ClickOnce has been updated to support TLS 1.1 and TLS 1.2 in addition to the 1.0 protocol, which it already supports. ClickOnce automatically detects which protocol is required; no extra steps within the ClickOnce application are required to enable TLS 1.1 and 1.2 support.
Converting Windows Forms and WPF apps to UWP apps
Windows now offers capabilities to bring existing Windows desktop apps, including WPF and Windows Forms apps, to the Universal Windows Platform (UWP). This technology acts as a bridge by enabling you to gradually migrate your existing code base to UWP, thereby bringing your app to all Windows 10 devices.
Converted desktop apps gain an app identity similar to the app identity of UWP apps, which makes UWP APIs accessible to enable features such as Live Tiles and notifications. The app continues to behave as before and runs as a full trust app. Once the app is converted, an app container process can be added to the existing full trust process to add an adaptive user interface. When all functionality is moved to the app container process, the full trust process can be removed and the new UWP app can be made available to all Windows 10 devices.
Debugging improvements
The unmanaged debugging API has been enhanced in .NET Framework 4.6.2 to perform additional analysis when a NullReferenceException is thrown so that it is possible to determine which variable in a single line of source code is null
. To support this scenario, the following APIs have been added to the unmanaged debugging API.
The ICorDebugCode4, ICorDebugVariableHome, and ICorDebugVariableHomeEnum interfaces, which expose the native homes of managed variables. This enables debuggers to do some code flow analysis when a NullReferenceException occurs and to work backwards to determine the managed variable that corresponds to the native location that was
null
.The ICorDebugType2::GetTypeID method provides a mapping for ICorDebugType to COR_TYPEID, which allows the debugger to obtain a COR_TYPEID without an instance of the ICorDebugType. Existing APIs on COR_TYPEID can then be used to determine the class layout of the type.
What's new in .NET Framework 4.6.1
.NET Framework 4.6.1 includes new features in the following areas:
For more information on .NET Framework 4.6.1, see the following topics:
.NET Framework API diff (on GitHub)
Cryptography: Support for X509 certificates containing ECDSA
.NET Framework 4.6 added RSACng support for X509 certificates. .NET Framework 4.6.1 adds support for ECDSA (Elliptic Curve Digital Signature Algorithm) X509 certificates.
ECDSA offers better performance and is a more secure cryptography algorithm than RSA, providing an excellent choice where Transport Layer Security (TLS) performance and scalability is a concern. The .NET Framework implementation wraps calls into existing Windows functionality.
The following example code shows how easy it is to generate a signature for a byte stream by using the new support for ECDSA X509 certificates included in .NET Framework 4.6.1.
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
public class Net461Code
{
public static byte[] SignECDsaSha512(byte[] data, X509Certificate2 cert)
{
using (ECDsa privateKey = cert.GetECDsaPrivateKey())
{
return privateKey.SignData(data, HashAlgorithmName.SHA512);
}
}
public static byte[] SignECDsaSha512(byte[] data, ECDsa privateKey)
{
return privateKey.SignData(data, HashAlgorithmName.SHA512);
}
}
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates
Public Class Net461Code
Public Shared Function SignECDsaSha512(data As Byte(), cert As X509Certificate2) As Byte()
Using privateKey As ECDsa = cert.GetECDsaPrivateKey()
Return privateKey.SignData(data, HashAlgorithmName.SHA512)
End Using
End Function
Public Shared Function SignECDsaSha512(data As Byte, privateKey As ECDsa) As Byte()
Return privateKey.SignData(data, HashAlgorithmName.SHA512)
End Function
End Class
This offers a marked contrast to the code needed to generate a signature in .NET Framework 4.6.
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
public class Net46Code
{
public static byte[] SignECDsaSha512(byte[] data, X509Certificate2 cert)
{
// This would require using cert.Handle and a series of p/invokes to get at the
// underlying key, then passing that to a CngKey object, and passing that to
// new ECDsa(CngKey). It's a lot of work.
throw new Exception("That's a lot of work...");
}
public static byte[] SignECDsaSha512(byte[] data, ECDsa privateKey)
{
// This way works, but SignData probably better matches what you want.
using (SHA512 hasher = SHA512.Create())
{
byte[] signature1 = privateKey.SignHash(hasher.ComputeHash(data));
}
// This might not be the ECDsa you got!
ECDsaCng ecDsaCng = (ECDsaCng)privateKey;
ecDsaCng.HashAlgorithm = CngAlgorithm.Sha512;
return ecDsaCng.SignData(data);
}
}
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates
Public Class Net46Code
Public Shared Function SignECDsaSha512(data As Byte(), cert As X509Certificate2) As Byte()
' This would require using cert.Handle and a series of p/invokes to get at the
' underlying key, then passing that to a CngKey object, and passing that to
' new ECDsa(CngKey). It's a lot of work.
Throw New Exception("That's a lot of work...")
End Function
Public Shared Function SignECDsaSha512(data As Byte(), privateKey As ECDsa) As Byte()
' This way works, but SignData probably better matches what you want.
Using hasher As SHA512 = SHA512.Create()
Dim signature1 As Byte() = privateKey.SignHash(hasher.ComputeHash(data))
End Using
' This might not be the ECDsa you got!
Dim ecDsaCng As ECDsaCng = CType(privateKey, ECDsaCng)
ecDsaCng.HashAlgorithm = CngAlgorithm.Sha512
Return ecDsaCng.SignData(data)
End Function
End Class
ADO.NET
The following have been added to ADO.NET:
Always Encrypted support for hardware protected keys
ADO.NET now supports storing Always Encrypted column master keys natively in Hardware Security Modules (HSMs). With this support, customers can leverage asymmetric keys stored in HSMs without having to write custom column master key store providers and registering them in applications.
Customers need to install the HSM vendor-provided CSP provider or CNG key store providers on the app servers or client computers in order to access Always Encrypted data protected with column master keys stored in an HSM.
Improved MultiSubnetFailover connection behavior for AlwaysOn
SqlClient now automatically provides faster connections to an AlwaysOn Availability Group (AG). It transparently detects whether your application is connecting to an AlwaysOn availability group (AG) on a different subnet and quickly discovers the current active server and provides a connection to the server. Prior to this release, an application had to set the connection string to include "MultisubnetFailover=true"
to indicate that it was connecting to an AlwaysOn Availability Group. Without setting the connection keyword to true
, an application might experience a timeout while connecting to an AlwaysOn Availability Group. With this release, an application does not need to set MultiSubnetFailover to true
anymore. For more information about SqlClient support for Always On Availability Groups, see SqlClient Support for High Availability, Disaster Recovery.
Windows Presentation Foundation (WPF)
Windows Presentation Foundation includes a number of improvements and changes.
Improved performance
The delay in firing touch events has been fixed in .NET Framework 4.6.1. In addition, typing in a RichTextBox control no longer ties up the render thread during fast input.
Spell checking improvements
The spell checker in WPF has been updated on Windows 8.1 and later versions to leverage operating system support for spell-checking additional languages. There is no change in functionality on Windows versions prior to Windows 8.1.
As in previous versions of .NET Framework, the language for a TextBox control or a RichTextBox block is detected by looking for information in the following order:
xml:lang
, if it is present.Current input language.
Current culture.
For more information on language support in WPF, see the WPF blog post on .NET Framework 4.6.1 features.
Additional support for per-user custom dictionaries
In .NET Framework 4.6.1, WPF recognizes custom dictionaries that are registered globally. This capability is available in addition to the ability to register them per-control.
In previous versions of WPF, custom dictionaries did not recognize Excluded Words and AutoCorrect lists. They are supported on Windows 8.1 and Windows 10 through the use of files that can be placed under the %AppData%\Microsoft\Spelling\<language tag>
directory. The following rules apply to these files:
The files should have extensions of .dic (for added words), .exc (for excluded words), or .acl (for AutoCorrect).
The files should be UTF-16 LE plaintext that starts with the Byte Order Mark (BOM).
Each line should consist of a word (in the added and excluded word lists), or an autocorrect pair with the words separated by a vertical bar ("|") (in the AutoCorrect word list).
These files are considered read-only and are not modified by the system.
Note
These new file-formats are not directly supported by the WPF spell checking APIs, and the custom dictionaries supplied to WPF in applications should continue to use .lex files.
Samples
There are a number of WPF samples on the Microsoft/WPF-Samples GitHub repository. Help us improve our samples by sending us a pull-request or opening a GitHub issue.
DirectX extensions
WPF includes a NuGet package that provides new implementations of D3DImage that make it easy for you to interoperate with DX10 and Dx11 content. The code for this package has been open sourced and is available on GitHub.
Windows Workflow Foundation: Transactions
The Transaction.EnlistPromotableSinglePhase method can now use a distributed transaction manager other than MSDTC to promote the transaction. You do this by specifying a GUID transaction promoter identifier to the new Transaction.EnlistPromotableSinglePhase(IPromotableSinglePhaseNotification, Guid) overload . If this operation is successful, there are limitations placed on the capabilities of the transaction. Once a non-MSDTC transaction promoter is enlisted, the following methods throw a TransactionPromotionException because these methods require promotion to MSDTC:
Once a non-MSDTC transaction promoter is enlisted, it must be used for future durable enlistments by using protocols that it defines. The Guid of the transaction promoter can be obtained by using the PromoterType property. When the transaction promotes, the transaction promoter provides a Byte array that represents the promoted token. An application can obtain the promoted token for a non-MSDTC promoted transaction with the GetPromotedToken method.
Users of the new Transaction.EnlistPromotableSinglePhase(IPromotableSinglePhaseNotification, Guid) overload must follow a specific call sequence in order for the promotion operation to complete successfully. These rules are documented in the method's documentation.
Profiling
The unmanaged profiling API has been enhanced as follows:
Better support for accessing PDBs in the ICorProfilerInfo7 interface.
In ASP.NET Core, it is becoming much more common for assemblies to be compiled in-memory by Roslyn. For developers making profiling tools, this means that PDBs that historically were serialized on disk may no longer be present. Profiler tools often use PDBs to map code back to source lines for tasks such as code coverage or line-by-line performance analysis. The ICorProfilerInfo7 interface now includes two new methods, ICorProfilerInfo7::GetInMemorySymbolsLength and ICorProfilerInfo7::ReadInMemorySymbols, to provide these profiler tools with access to the in-memory PDB data, By using the new APIs, a profiler can obtain the contents of an in-memory PDB as a byte array and then process it or serialize it to disk.
Better instrumentation with the ICorProfiler interface.
Profilers that are using the
ICorProfiler
APIs ReJit functionality for dynamic instrumentation can now modify some metadata. Previously such tools could instrument IL at any time, but metadata could only be modified at module load time. Because IL refers to metadata, this limited the kinds of instrumentation that could be done. We have lifted some of those limits by adding the ICorProfilerInfo7::ApplyMetaData method to support a subset of metadata edits after the module loads, in particular by adding newAssemblyRef
,TypeRef
,TypeSpec
,MemberRef
,MemberSpec
, andUserString
records. This change makes a much broader range of on-the-fly instrumentation possible.
Native Image Generator (NGEN) PDBs
Cross-machine event tracing allows customers to profile a program on Machine A and look at the profiling data with source line mapping on Machine B. Using previous versions of .NET Framework, the user would copy all the modules and native images from the profiled machine to the analysis machine that contains the IL PDB to create the source-to-native mapping. While this process may work well when the files are relatively small, such as for phone applications, the files can be very large on desktop systems and require significant time to copy.
With Ngen PDBs, NGen can create a PDB that contains the IL-to-native mapping without a dependency on the IL PDB. In our cross-machine event tracing scenario, all that is needed is to copy the native image PDB that is generated by Machine A to Machine B and to use Debug Interface Access APIs to read the IL PDB's source-to-IL mapping and the native image PDB's IL-to-native mapping. Combining both mappings provides a source-to-native mapping. Since the native image PDB is much smaller than all the modules and native images, the process of copying from Machine A to Machine B is much faster.
What's new in .NET 2015
.NET 2015 introduces .NET Framework 4.6 and .NET Core. Some new features apply to both, and other features are specific to .NET Framework 4.6 or .NET Core.
ASP.NET Core
.NET 2015 includes ASP.NET Core, which is a lean .NET implementation for building modern cloud-based apps. ASP.NET Core is modular so you can include only those features that are needed in your application. It can be hosted on IIS or self-hosted in a custom process, and you can run apps with different versions of the .NET Framework on the same server. It includes a new environment configuration system that is designed for cloud deployment.
MVC, Web API, and Web Pages are unified into a single framework called MVC 6. You build ASP.NET Core apps through tools in Visual Studio 2015 or later. Your existing applications will work on the new .NET Framework; however to build an app that uses MVC 6 or SignalR 3, you must use the project system in Visual Studio 2015 or later.
For information, see ASP.NET Core.
ASP.NET Updates
Task-based API for Asynchronous Response Flushing
ASP.NET now provides a simple task-based API for asynchronous response flushing, HttpResponse.FlushAsync, that allows responses to be flushed asynchronously by using your language's
async/await
support.Model binding supports task-returning methods
In .NET Framework 4.5, ASP.NET added the Model Binding feature that enabled an extensible, code-focused approach to CRUD-based data operations in Web Forms pages and user controls. The Model Binding system now supports Task-returning model binding methods. This feature allows Web Forms developers to get the scalability benefits of async with the ease of the data-binding system when using newer versions of ORMs, including the Entity Framework.
Async model binding is controlled by the
aspnet:EnableAsyncModelBinding
configuration setting.<appSettings> <add key=" aspnet:EnableAsyncModelBinding" value="true|false" /> </appSettings>
On apps the target .NET Framework 4.6, it defaults to
true
. On apps running on .NET Framework 4.6 that target an earlier version of .NET Framework, it isfalse
by default. It can be enabled by setting the configuration setting totrue
.HTTP/2 Support (Windows 10)
HTTP/2 is a new version of the HTTP protocol that provides much better connection utilization (fewer round-trips between client and server), resulting in lower latency web page loading for users. Web pages (as opposed to services) benefit the most from HTTP/2, since the protocol optimizes for multiple artifacts being requested as part of a single experience. HTTP/2 support has been added to ASP.NET in .NET Framework 4.6. Because networking functionality exists at multiple layers, new features were required in Windows, in IIS, and in ASP.NET to enable HTTP/2. You must be running on Windows 10 to use HTTP/2 with ASP.NET.
HTTP/2 is also supported and on by default for Windows 10 Universal Windows Platform (UWP) apps that use the System.Net.Http.HttpClient API.
In order to provide a way to use the PUSH_PROMISE feature in ASP.NET applications, a new method with two overloads, PushPromise(String) and PushPromise(String, String, NameValueCollection), has been added to the HttpResponse class.
Note
While ASP.NET Core supports HTTP/2, support for the PUSH PROMISE feature has not yet been added.
The browser and the web server (IIS on Windows) do all the work. You don't have to do any heavy-lifting for your users.
Most of the major browsers support HTTP/2, so it's likely that your users will benefit from HTTP/2 support if your server supports it.
Support for the Token Binding Protocol
Microsoft and Google have been collaborating on a new approach to authentication, called the Token Binding Protocol. The premise is that authentication tokens (in your browser cache) can be stolen and used by criminals to access otherwise secure resources (for example, your bank account) without requiring your password or any other privileged knowledge. The new protocol aims to mitigate this problem.
The Token Binding Protocol will be implemented in Windows 10 as a browser feature. ASP.NET apps will participate in the protocol, so that authentication tokens are validated to be legitimate. The client and the server implementations establish the end-to-end protection specified by the protocol.
Randomized string hash algorithms
.NET Framework 4.5 introduced a randomized string hash algorithm. However, it was not supported by ASP.NET because of some ASP.NET features depended on a stable hash code. In .NET Framework 4.6, randomized string hash algorithms are now supported. To enable this feature, use the
aspnet:UseRandomizedStringHashAlgorithm
config setting.<appSettings> <add key="aspnet:UseRandomizedStringHashAlgorithm" value="true|false" /> </appSettings>
ADO.NET
ADO .NET now supports the Always Encrypted feature available in SQL Server 2016. With Always Encrypted, SQL Server can perform operations on encrypted data, and best of all the encryption key resides with the application inside the customer's trusted environment and not on the server. Always Encrypted secures customer data so DBAs do not have access to plain text data. Encryption and decryption of data happens transparently at the driver level, minimizing changes that have to be made to existing applications. For details, see Always Encrypted (Database Engine) and Always Encrypted (client development).
64-bit JIT Compiler for managed code
.NET Framework 4.6 features a new version of the 64-bit JIT compiler (originally code-named RyuJIT). The new 64-bit compiler provides significant performance improvements over the older 64-bit JIT compiler. The new 64-bit compiler is enabled for 64-bit processes running on top of .NET Framework 4.6. Your app will run in a 64-bit process if it is compiled as 64-bit or AnyCPU and is running on a 64-bit operating system. While care has been taken to make the transition to the new compiler as transparent as possible, changes in behavior are possible.
The new 64-bit JIT compiler also includes hardware SIMD acceleration features when coupled with SIMD-enabled types in the System.Numerics namespace, which can yield good performance improvements.
Assembly loader improvements
The assembly loader now uses memory more efficiently by unloading IL assemblies after a corresponding NGEN image is loaded. This change decreases virtual memory, which is particularly beneficial for large 32-bit apps (such as Visual Studio), and also saves physical memory.
Base class library changes
Many new APIs have been added around to .NET Framework 4.6 to enable key scenarios. These include the following changes and additions:
IReadOnlyCollection<T> implementations
Additional collections implement IReadOnlyCollection<T> such as Queue<T> and Stack<T>.
CultureInfo.CurrentCulture and CultureInfo.CurrentUICulture
The CultureInfo.CurrentCulture and CultureInfo.CurrentUICulture properties are now read-write rather than read-only. If you assign a new CultureInfo object to these properties, the current thread culture defined by the
Thread.CurrentThread.CurrentCulture
property and the current UI thread culture defined by theThread.CurrentThread.CurrentUICulture
properties also change.Enhancements to garbage collection (GC)
The GC class now includes TryStartNoGCRegion and EndNoGCRegion methods that allow you to disallow garbage collection during the execution of a critical path.
A new overload of the GC.Collect(Int32, GCCollectionMode, Boolean, Boolean) method allows you to control whether both the small object heap and the large object heap are swept and compacted or swept only.
SIMD-enabled types
The System.Numerics namespace now includes a number of SIMD-enabled types, such as Matrix3x2, Matrix4x4, Plane, Quaternion, Vector2, Vector3, and Vector4.
Because the new 64-bit JIT compiler also includes hardware SIMD acceleration features, there are especially significant performance improvements when using the SIMD-enabled types with the new 64-bit JIT compiler.
Cryptography updates
The System.Security.Cryptography API is being updated to support the Windows CNG cryptography APIs. Previous versions of the .NET Framework have relied entirely on an earlier version of the Windows Cryptography APIs as the basis for the System.Security.Cryptography implementation. We have had requests to support the CNG API, since it supports modern cryptography algorithms, which are important for certain categories of apps.
.NET Framework 4.6 includes the following new enhancements to support the Windows CNG cryptography APIs:
A set of extension methods for X509 Certificates,
System.Security.Cryptography.X509Certificates.RSACertificateExtensions.GetRSAPublicKey(System.Security.Cryptography.X509Certificates.X509Certificate2)
andSystem.Security.Cryptography.X509Certificates.RSACertificateExtensions.GetRSAPrivateKey(System.Security.Cryptography.X509Certificates.X509Certificate2)
, that return a CNG-based implementation rather than a CAPI-based implementation when possible. (Some smartcards, etc., still require CAPI, and the APIs handle the fallback).The System.Security.Cryptography.RSACng class, which provides a CNG implementation of the RSA algorithm.
Enhancements to the RSA API so that common actions no longer require casting. For example, encrypting data using an X509Certificate2 object requires code like the following in previous versions of .NET Framework.
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)cert.PrivateKey; byte[] oaepEncrypted = rsa.Encrypt(data, true); byte[] pkcs1Encrypted = rsa.Encrypt(data, false);
Dim rsa As RSACryptoServiceProvider = CType(cert.PrivateKey, RSACryptoServiceProvider) Dim oaepEncrypted() As Byte = rsa.Encrypt(data, True) Dim pkcs1Encrypted() As Byte = rsa.Encrypt(data, False)
Code that uses the new cryptography APIs in .NET Framework 4.6 can be rewritten as follows to avoid the cast.
RSA rsa = cert.GetRSAPrivateKey(); if (rsa == null) throw new InvalidOperationException("An RSA certificate was expected"); byte[] oaepEncrypted = rsa.Encrypt(data, RSAEncryptionPadding.OaepSHA1); byte[] pkcs1Encrypted = rsa.Encrypt(data, RSAEncryptionPadding.Pkcs1);
Dim rsa As RSA = cert.GetRSAPrivateKey() If rsa Is Nothing Then Throw New InvalidOperationException("An RSA certificate was expected") End If Dim oaepEncrypted() As Byte = rsa.Encrypt(data, RSAEncryptionPadding.OaepSHA1) Dim pkcs1Encrypted() As Byte = rsa.Encrypt(data, RSAEncryptionPadding.Pkcs1)
Support for converting dates and times to or from Unix time
The following new methods have been added to the DateTimeOffset structure to support converting date and time values to or from Unix time:
Compatibility switches
The AppContext class adds a new compatibility feature that enables library writers to provide a uniform opt-out mechanism for new functionality for their users. It establishes a loosely coupled contract between components in order to communicate an opt-out request. This capability is typically important when a change is made to existing functionality. Conversely, there is already an implicit opt-in for new functionality.
With AppContext, libraries define and expose compatibility switches, while code that depends on them can set those switches to affect the library behavior. By default, libraries provide the new functionality, and they only alter it (that is, they provide the previous functionality) if the switch is set.
An application (or a library) can declare the value of a switch (which is always a Boolean value) that a dependent library defines. The switch is always implicitly
false
. Setting the switch totrue
enables it. Explicitly setting the switch tofalse
provides the new behavior.AppContext.SetSwitch("Switch.AmazingLib.ThrowOnException", true);
AppContext.SetSwitch("Switch.AmazingLib.ThrowOnException", True)
The library must check if a consumer has declared the value of the switch and then appropriately act on it.
if (!AppContext.TryGetSwitch("Switch.AmazingLib.ThrowOnException", out shouldThrow)) { // This is the case where the switch value was not set by the application. // The library can choose to get the value of shouldThrow by other means. // If no overrides nor default values are specified, the value should be 'false'. // A false value implies the latest behavior. } // The library can use the value of shouldThrow to throw exceptions or not. if (shouldThrow) { // old code } else { // new code }
If Not AppContext.TryGetSwitch("Switch.AmazingLib.ThrowOnException", shouldThrow) Then ' This is the case where the switch value was not set by the application. ' The library can choose to get the value of shouldThrow by other means. ' If no overrides nor default values are specified, the value should be 'false'. ' A false value implies the latest behavior. End If ' The library can use the value of shouldThrow to throw exceptions or not. If shouldThrow Then ' old code Else ' new code End If
It's beneficial to use a consistent format for switches, since they are a formal contract exposed by a library. The following are two obvious formats.
Switch.namespace.switchname
Switch.library.switchname
Changes to the task-based asynchronous pattern (TAP)
For apps that target .NET Framework 4.6, Task and Task<TResult> objects inherit the culture and UI culture of the calling thread. The behavior of apps that target previous versions of .NET Framework, or that do not target a specific version of .NET Framework, is unaffected. For more information, see the "Culture and task-based asynchronous operations" section of the CultureInfo class topic.
The System.Threading.AsyncLocal<T> class allows you to represent ambient data that is local to a given asynchronous control flow, such as an
async
method. It can be used to persist data across threads. You can also define a callback method that is notified whenever the ambient data changes either because the AsyncLocal<T>.Value property was explicitly changed, or because the thread encountered a context transition.Three convenience methods, Task.CompletedTask, Task.FromCanceled, and Task.FromException, have been added to the task-based asynchronous pattern (TAP) to return completed tasks in a particular state.
The NamedPipeClientStream class now supports asynchronous communication with its new ConnectAsync. method.
EventSource now supports writing to the Event log
You now can use the EventSource class to log administrative or operational messages to the event log, in addition to any existing ETW sessions created on the machine. In the past, you had to use the Microsoft.Diagnostics.Tracing.EventSource NuGet package for this functionality. This functionality is now built-into .NET Framework 4.6.
Both the NuGet package and .NET Framework 4.6 have been updated with the following features:
Dynamic events
Allows events defined "on the fly" without creating event methods.
Rich payloads
Allows specially attributed classes and arrays as well as primitive types to be passed as a payload
Activity tracking
Causes Start and Stop events to tag events between them with an ID that represents all currently active activities.
To support these features, the overloaded Write method has been added to the EventSource class.
Windows Presentation Foundation (WPF)
HDPI improvements
HDPI support in WPF is now better in .NET Framework 4.6. Changes have been made to layout rounding to reduce instances of clipping in controls with borders. By default, this feature is enabled only if your TargetFrameworkAttribute is set to .NET Framework 4.6. Applications that target earlier versions of the framework but are running on .NET Framework 4.6 can opt in to the new behavior by adding the following line to the <runtime> section of the app.config file:
<AppContextSwitchOverrides value="Switch.MS.Internal.DoNotApplyLayoutRoundingToMarginsAndBorderThickness=false" />
WPF windows straddling multiple monitors with different DPI settings (Multi-DPI setup) are now completely rendered without blacked-out regions. You can opt out of this behavior by adding the following line to the
<appSettings>
section of the app.config file to disable this new behavior:<add key="EnableMultiMonitorDisplayClipping" value="true"/>
Support for automatically loading the right cursor based on DPI setting has been added to System.Windows.Input.Cursor.
Touch is better
Customer reports on Connect that touch produces unpredictable behavior have been addressed in .NET Framework 4.6. The double tap threshold for Windows Store applications and WPF applications is now the same in Windows 8.1 and above.
Transparent child window support
WPF in .NET Framework 4.6 supports transparent child windows in Windows 8.1 and above. This allows you to create non-rectangular and transparent child windows in your top-level windows. You can enable this feature by setting the HwndSourceParameters.UsesPerPixelTransparency property to
true
.
Windows Communication Foundation (WCF)
SSL support
WCF now supports SSL version TLS 1.1 and TLS 1.2, in addition to SSL 3.0 and TLS 1.0, when using NetTcp with transport security and client authentication. It is now possible to select which protocol to use, or to disable old lesser secure protocols. This can be done either by setting the SslProtocols property or by adding the following to a configuration file.
<netTcpBinding> <binding> <security mode= "None|Transport|Message|TransportWithMessageCredential" > <transport clientCredentialType="None|Windows|Certificate" protectionLevel="None|Sign|EncryptAndSign" sslProtocols="Ssl3|Tls1|Tls11|Tls12"> </transport> </security> </binding> </netTcpBinding>
Sending messages using different HTTP connections
WCF now allows users to ensure certain messages are sent using different underlying HTTP connections. There are two ways to do this:
Using a connection group name prefix
Users can specify a string that WCF will use as a prefix for the connection group name. Two messages with different prefixes are sent using different underlying HTTP connections. You set the prefix by adding a key/value pair to the message's Message.Properties property. The key is "HttpTransportConnectionGroupNamePrefix"; the value is the desired prefix.
Using different channel factories
Users can also enable a feature that ensures that messages sent using channels created by different channel factories will use different underlying HTTP connections. To enable this feature, users must set the following
appSetting
totrue
:<appSettings> <add key="wcf:httpTransportBinding:useUniqueConnectionPoolPerFactory" value="true" /> </appSettings>
Windows Workflow Foundation (WWF)
You can now specify the number of seconds a workflow service will hold on to an out-of-order operation request when there is an outstanding "non-protocol" bookmark before timing out the request. A "non-protocol" bookmark is a bookmark that is not related to outstanding Receive activities. Some activities create non-protocol bookmarks within their implementation, so it may not be obvious that a non-protocol bookmark exists. These include State and Pick. So if you have a workflow service implemented with a state machine or containing a Pick activity, you will most likely have non-protocol bookmarks. You specify the interval by adding a line like the following to the
appSettings
section of your app.config file:<add key="microsoft:WorkflowServices:FilterResumeTimeoutInSeconds" value="60"/>
The default value is 60 seconds. If
value
is set to 0, out-of-order requests are immediately rejected with a fault with text that looks like this:Operation 'Request3|{http://tempuri.org/}IService' on service instance with identifier '2b0667b6-09c8-4093-9d02-f6c67d534292' cannot be performed at this time. Please ensure that the operations are performed in the correct order and that the binding in use provides ordered delivery guarantees.
This is the same message that you receive if an out-of-order operation message is received and there are no non-protocol bookmarks.
If the value of the
FilterResumeTimeoutInSeconds
element is non-zero, there are non-protocol bookmarks, and the timeout interval expires, the operation fails with a timeout message.Transactions
You can now include the distributed transaction identifier for the transaction that has caused an exception derived from TransactionException to be thrown. You do this by adding the following key to the
appSettings
section of your app.config file:<add key="Transactions:IncludeDistributedTransactionIdInExceptionMessage" value="true"/>
The default value is
false
.Networking
Socket reuse
Windows 10 includes a new high-scalability networking algorithm that makes better use of machine resources by reusing local ports for outbound TCP connections. .NET Framework 4.6 supports the new algorithm, enabling .NET apps to take advantage of the new behavior. In previous versions of Windows, there was an artificial concurrent connection limit (typically 16,384, the default size of the dynamic port range), which could limit the scalability of a service by causing port exhaustion when under load.
In .NET Framework 4.6, two APIs have been added to enable port reuse, which effectively removes the 64 KB limit on concurrent connections:
The System.Net.Sockets.SocketOptionName enumeration value.
The ServicePointManager.ReusePort property.
By default, the ServicePointManager.ReusePort property is
false
unless theHWRPortReuseOnSocketBind
value of theHKLM\SOFTWARE\Microsoft\.NETFramework\v4.0.30319
registry key is set to 0x1. To enable local port reuse on HTTP connections, set the ServicePointManager.ReusePort property totrue
. This causes all outgoing TCP socket connections from HttpClient and HttpWebRequest to use a new Windows 10 socket option, SO_REUSE_UNICASTPORT, that enables local port reuse.Developers writing a sockets-only application can specify the System.Net.Sockets.SocketOptionName option when calling a method such as Socket.SetSocketOption so that outbound sockets reuse local ports during binding.
Support for international domain names and PunyCode
A new property, IdnHost, has been added to the Uri class to better support international domain names and PunyCode.
Resizing in Windows Forms controls.
This feature has been expanded in .NET Framework 4.6 to include the DomainUpDown, NumericUpDown, DataGridViewComboBoxColumn, DataGridViewColumn and ToolStripSplitButton types and the rectangle specified by the Bounds property used when drawing a UITypeEditor.
This is an opt-in feature. To enable it, set the
EnableWindowsFormsHighDpiAutoResizing
element totrue
in the application configuration (app.config) file:<appSettings> <add key="EnableWindowsFormsHighDpiAutoResizing" value="true" /> </appSettings>
Support for code page encodings
.NET Core primarily supports the Unicode encodings and by default provides limited support for code page encodings. You can add support for code page encodings available in .NET Framework but unsupported in .NET Core by registering code page encodings with the Encoding.RegisterProvider method. For more information, see System.Text.CodePagesEncodingProvider.
.NET Native
Universal Windows Platform (UWP) apps that are written in C# or Visual Basic can take advantage of a new technology that compiles apps to native code rather than IL. This technology produces apps that have faster startup and execution times. For more information, see Compiling Apps with .NET Native. For an overview of .NET Native that examines how it differs from both JIT compilation and NGEN and what that means for your code, see .NET Native and Compilation.
Your apps are compiled to native code by default when you compile them with Visual Studio 2015 or later. For more information, see Getting Started with .NET Native.
To support debugging .NET Native apps, a number of new interfaces and enumerations have been added to the unmanaged debugging API. For more information, see the Debugging (Unmanaged API Reference) topic.
Open-source .NET Framework packages
.NET Core packages such as the immutable collections, SIMD APIs, and networking APIs such as those found in the System.Net.Http namespace are now available as open-source packages on GitHub. To access the code, see .NET on GitHub. For more information and how to contribute to these packages, see Introduction to .NET, .NET Home Page on GitHub.
What's new in .NET Framework 4.5.2
New APIs for ASP.NET apps. The new HttpResponse.AddOnSendingHeaders and HttpResponseBase.AddOnSendingHeaders methods let you inspect and modify response headers and status code as the response is being flushed to the client app. Consider using these methods instead of the PreSendRequestHeaders and PreSendRequestContent events; they are more efficient and reliable.
The HostingEnvironment.QueueBackgroundWorkItem method lets you schedule small background work items. ASP.NET tracks these items and prevents IIS from abruptly terminating the worker process until all background work items have completed. This method can't be called outside an ASP.NET managed app domain.
The new HttpResponse.HeadersWritten and HttpResponseBase.HeadersWritten properties return Boolean values that indicate whether the response headers have been written. You can use these properties to make sure that calls to APIs such as HttpResponse.StatusCode (which throw exceptions if the headers have been written) will succeed.
Resizing in Windows Forms controls. This feature has been expanded. You can now use the system DPI setting to resize components of the following additional controls (for example, the drop-down arrow in combo boxes):
This is an opt-in feature. To enable it, set the
EnableWindowsFormsHighDpiAutoResizing
element totrue
in the application configuration (app.config) file:<appSettings> <add key="EnableWindowsFormsHighDpiAutoResizing" value="true" /> </appSettings>
New workflow feature. A resource manager that's using the EnlistPromotableSinglePhase method (and therefore implementing the IPromotableSinglePhaseNotification interface) can use the new Transaction.PromoteAndEnlistDurable method to request the following:
Promote the transaction to a Microsoft Distributed Transaction Coordinator (MSDTC) transaction.
Replace IPromotableSinglePhaseNotification with an ISinglePhaseNotification, which is a durable enlistment that supports single phase commits.
This can be done within the same app domain, and doesn't require any extra unmanaged code to interact with MSDTC to perform the promotion. The new method can be called only when there's an outstanding call from System.Transactions to the IPromotableSinglePhaseNotification
Promote
method that's implemented by the promotable enlistment.Profiling improvements. The following new unmanaged profiling APIs provide more robust profiling:
- COR_PRF_ASSEMBLY_REFERENCE_INFO Structure
- COR_PRF_HIGH_MONITOR Enumeration
- GetAssemblyReferences Method
- GetEventMask2 Method
- SetEventMask2 Method
- AddAssemblyReference Method
Previous
ICorProfiler
implementations supported lazy loading of dependent assemblies. The new profiling APIs require dependent assemblies that are injected by the profiler to be loadable immediately, instead of being loaded after the app is fully initialized. This change doesn't affect users of the existingICorProfiler
APIs.Debugging improvements. The following new unmanaged debugging APIs provide better integration with a profiler. You can now access metadata inserted by the profiler as well as local variables and code produced by compiler ReJIT requests when dump debugging.
Event tracing changes. .NET Framework 4.5.2 enables out-of-process, Event Tracing for Windows (ETW)-based activity tracing for a larger surface area. This enables Advanced Power Management (APM) vendors to provide lightweight tools that accurately track the costs of individual requests and activities that cross threads. These events are raised only when ETW controllers enable them; therefore, the changes don't affect previously written ETW code or code that runs with ETW disabled.
Promoting a transaction and converting it to a durable enlistment
Transaction.PromoteAndEnlistDurable is a new API added to .NET Framework 4.5.2 and 4.6:
[System.Security.Permissions.PermissionSetAttribute(System.Security.Permissions.SecurityAction.LinkDemand, Name = "FullTrust")] public Enlistment PromoteAndEnlistDurable(Guid resourceManagerIdentifier, IPromotableSinglePhaseNotification promotableNotification, ISinglePhaseNotification enlistmentNotification, EnlistmentOptions enlistmentOptions)
<System.Security.Permissions.PermissionSetAttribute(System.Security.Permissions.SecurityAction.LinkDemand, Name:="FullTrust")> public Function PromoteAndEnlistDurable(resourceManagerIdentifier As Guid, promotableNotification As IPromotableSinglePhaseNotification, enlistmentNotification As ISinglePhaseNotification, enlistmentOptions As EnlistmentOptions) As Enlistment
The method may be used by an enlistment that was previously created by Transaction.EnlistPromotableSinglePhase in response to the ITransactionPromoter.Promote method. It asks
System.Transactions
to promote the transaction to an MSDTC transaction and to "convert" the promotable enlistment to a durable enlistment. After this method completes successfully, the IPromotableSinglePhaseNotification interface will no longer be referenced bySystem.Transactions
, and any future notifications will arrive on the provided ISinglePhaseNotification interface. The enlistment in question must act as a durable enlistment, supporting transaction logging and recovery. Refer to Transaction.EnlistDurable for details. In addition, the enlistment must support ISinglePhaseNotification. This method can only be called while processing an ITransactionPromoter.Promote call. If that is not the case, a TransactionException exception is thrown.
What's new in .NET Framework 4.5.1
April 2014 updates:
Visual Studio 2013 Update 2 includes updates to the Portable Class Library templates to support these scenarios:
You can use Windows Runtime APIs in portable libraries that target Windows 8.1, Windows Phone 8.1, and Windows Phone Silverlight 8.1.
You can include XAML (Windows.UI.XAML types) in portable libraries when you target Windows 8.1 or Windows Phone 8.1. The following XAML templates are supported: Blank Page, Resource Dictionary, Templated Control, and User Control.
You can create a portable Windows Runtime component (.winmd file) for use in Store apps that target Windows 8.1 and Windows Phone 8.1.
You can retarget a Windows Store or Windows Phone Store class library like a Portable Class Library.
For more information about these changes, see Portable Class Library.
The .NET Framework content set now includes documentation for .NET Native, which is a precompilation technology for building and deploying Windows apps. .NET Native compiles your apps directly to native code, rather than to intermediate language (IL), for better performance. For details, see Compiling Apps with .NET Native.
The .NET Framework Reference Source provides a new browsing experience and enhanced functionality. You can now browse through the .NET Framework source code online, download the reference for offline viewing, and step through the sources (including patches and updates) during debugging. For more information, see the blog entry A new look for .NET Reference Source.
New features and enhancements in the base classes in .NET Framework 4.5.1 include:
Automatic binding redirection for assemblies. Starting with Visual Studio 2013, when you compile an app that targets .NET Framework 4.5.1, binding redirects may be added to the app configuration file if your app or its components reference multiple versions of the same assembly. You can also enable this feature for projects that target older versions of .NET Framework. For more information, see How to: Enable and Disable Automatic Binding Redirection.
Ability to collect diagnostics information to help developers improve the performance of server and cloud applications. For more information, see the WriteEventWithRelatedActivityId and WriteEventWithRelatedActivityIdCore methods in the EventSource class.
Ability to explicitly compact the large object heap (LOH) during garbage collection. For more information, see the GCSettings.LargeObjectHeapCompactionMode property.
Additional performance improvements such as ASP.NET app suspension, multi-core JIT improvements, and faster app startup after a .NET Framework update. For details, see the .NET Framework 4.5.1 announcement and the ASP.NET app suspend blog post.
Improvements to Windows Forms include:
Resizing in Windows Forms controls. You can use the system DPI setting to resize components of controls (for example, the icons that appear in a property grid) by opting in with an entry in the application configuration file (app.config) for your app. This feature is currently supported in the following Windows Forms controls:
- PropertyGrid
- TreeView
- Some aspects of the DataGridView (see new features in 4.5.2 for additional controls supported)
To enable this feature, add a new <appSettings> element to the configuration file (app.config) and set the
EnableWindowsFormsHighDpiAutoResizing
element totrue
:<appSettings> <add key="EnableWindowsFormsHighDpiAutoResizing" value="true" /> </appSettings>
Improvements when debugging your .NET Framework apps in Visual Studio 2013 include:
Return values in the Visual Studio debugger. When you debug a managed app in Visual Studio 2013, the Autos window displays return types and values for methods. This information is available for desktop, Windows Store, and Windows Phone apps. For more information, see Examine return values of method calls.
Edit and Continue for 64-bit apps. Visual Studio 2013 supports the Edit and Continue feature for 64-bit managed apps for desktop, Windows Store, and Windows Phone. The existing limitations remain in effect for both 32-bit and 64-bit apps (see the last section of the Supported Code Changes (C#) article).
Async-aware debugging. To make it easier to debug asynchronous apps in Visual Studio 2013, the call stack hides the infrastructure code provided by compilers to support asynchronous programming, and also chains in logical parent frames so you can follow logical program execution more clearly. A Tasks window replaces the Parallel Tasks window and displays tasks that relate to a particular breakpoint, and also displays any other tasks that are currently active or scheduled in the app. You can read about this feature in the "Async-aware debugging" section of the .NET Framework 4.5.1 announcement.
Better exception support for Windows Runtime components. In Windows 8.1, exceptions that arise from Windows Store apps preserve information about the error that caused the exception, even across language boundaries. You can read about this feature in the "Windows Store app development" section of the .NET Framework 4.5.1 announcement.
Starting with Visual Studio 2013, you can use the Managed Profile Guided Optimization Tool (Mpgo.exe) to optimize Windows 8.x Store apps as well as desktop apps.
For new features in ASP.NET 4.5.1, see ASP.NET and Web Tools for Visual Studio 2013 Release Notes.
What's new in .NET Framework 4.5
Base classes
Ability to reduce system restarts by detecting and closing .NET Framework 4 applications during deployment. See Reducing System Restarts During .NET Framework 4.5 Installations.
Support for arrays that are larger than 2 gigabytes (GB) on 64-bit platforms. This feature can be enabled in the application configuration file. See the <gcAllowVeryLargeObjects> element, which also lists other restrictions on object size and array size.
Better performance through background garbage collection for servers. When you use server garbage collection in .NET Framework 4.5, background garbage collection is automatically enabled. See the Background Server Garbage Collection section of the Fundamentals of Garbage Collection topic.
Background just-in-time (JIT) compilation, which is optionally available on multi-core processors to improve application performance. See ProfileOptimization.
Ability to limit how long the regular expression engine will attempt to resolve a regular expression before it times out. See the Regex.MatchTimeout property.
Ability to define the default culture for an application domain. See the CultureInfo class.
Console support for Unicode (UTF-16) encoding. See the Console class.
Support for versioning of cultural string ordering and comparison data. See the SortVersion class.
Better performance when retrieving resources. See Package and deploy resources.
Zip compression improvements to reduce the size of a compressed file. See the System.IO.Compression namespace.
Ability to customize a reflection context to override default reflection behavior through the CustomReflectionContext class.
Support for the 2008 version of the Internationalized Domain Names in Applications (IDNA) standard when the System.Globalization.IdnMapping class is used on Windows 8.
Delegation of string comparison to the operating system, which implements Unicode 6.0, when the .NET Framework is used on Windows 8. When running on other platforms, the .NET Framework includes its own string comparison data, which implements Unicode 5.x. See the String class and the Remarks section of the SortVersion class.
Ability to compute the hash codes for strings on a per application domain basis. See <UseRandomizedStringHashAlgorithm> Element.
Type reflection support split between Type and TypeInfo classes. See Reflection in the .NET Framework for Windows Store Apps.
Managed Extensibility Framework (MEF)
In .NET Framework 4.5, the Managed Extensibility Framework (MEF) provides the following new features:
Support for generic types.
Convention-based programming model that enables you to create parts based on naming conventions rather than attributes.
Multiple scopes.
A subset of MEF that you can use when you create Windows 8.x Store apps. This subset is available as a downloadable package from the NuGet Gallery. To install the package, open your project in Visual Studio, choose Manage NuGet Packages from the Project menu, and search online for the
Microsoft.Composition
package.
For more information, see Managed Extensibility Framework (MEF).
Asynchronous file operations
In .NET Framework 4.5, new asynchronous features were added to the C# and Visual Basic languages. These features add a task-based model for performing asynchronous operations. To use this new model, use the asynchronous methods in the I/O classes. See Asynchronous File I/O.
Tools
In .NET Framework 4.5, Resource File Generator (Resgen.exe) enables you to create a .resw file for use in Windows 8.x Store apps from a .resources file embedded in a .NET Framework assembly. For more information, see Resgen.exe (Resource File Generator).
Managed Profile Guided Optimization (Mpgo.exe) enables you to improve application startup time, memory utilization (working set size), and throughput by optimizing native image assemblies. The command-line tool generates profile data for native image application assemblies. See Mpgo.exe (Managed Profile Guided Optimization Tool). Starting with Visual Studio 2013, you can use Mpgo.exe to optimize Windows 8.x Store apps as well as desktop apps.
Parallel computing
.NET Framework 4.5 provides several new features and improvements for parallel computing. These include improved performance, increased control, improved support for asynchronous programming, a new dataflow library, and improved support for parallel debugging and performance analysis. See the entry What's New for Parallelism in .NET Framework 4.5 in the Parallel Programming with .NET blog.
Web
ASP.NET 4.5 and 4.5.1 add model binding for Web Forms, WebSocket support, asynchronous handlers, performance enhancements, and many other features. For more information, see the following resources:
Networking
.NET Framework 4.5 provides a new programming interface for HTTP applications. For more information, see the new System.Net.Http and System.Net.Http.Headers namespaces.
Support is also included for a new programming interface for accepting and interacting with a WebSocket connection by using the existing HttpListener and related classes. For more information, see the new System.Net.WebSockets namespace and the HttpListener class.
In addition, .NET Framework 4.5 includes the following networking improvements:
RFC-compliant URI support. For more information, see Uri and related classes.
Support for Internationalized Domain Name (IDN) parsing. For more information, see Uri and related classes.
Support for Email Address Internationalization (EAI). For more information, see the System.Net.Mail namespace.
Improved IPv6 support. For more information, see the System.Net.NetworkInformation namespace.
Dual-mode socket support. For more information, see the Socket and TcpListener classes.
Windows Presentation Foundation (WPF)
In .NET Framework 4.5, Windows Presentation Foundation (WPF) contains changes and improvements in the following areas:
The new Ribbon control, which enables you to implement a ribbon user interface that hosts a Quick Access Toolbar, Application Menu, and tabs.
The new INotifyDataErrorInfo interface, which supports synchronous and asynchronous data validation.
New features for the VirtualizingPanel and Dispatcher classes.
Improved performance when displaying large sets of grouped data, and by accessing collections on non-UI threads.
Data binding to static properties, data binding to custom types that implement the ICustomTypeProvider interface, and retrieval of data binding information from a binding expression.
Repositioning of data as the values change (live shaping).
Ability to check whether the data context for an item container is disconnected.
Ability to set the amount of time that should elapse between property changes and data source updates.
Improved support for implementing weak event patterns. Also, events can now accept markup extensions.
Windows Communication Foundation (WCF)
In .NET Framework 4.5, the following features have been added to make it simpler to write and maintain Windows Communication Foundation (WCF) applications:
Simplification of generated configuration files.
Support for contract-first development.
Ability to configure ASP.NET compatibility mode more easily.
Changes in default transport property values to reduce the likelihood that you will have to set them.
Updates to the XmlDictionaryReaderQuotas class to reduce the likelihood that you will have to manually configure quotas for XML dictionary readers.
Validation of WCF configuration files by Visual Studio as part of the build process, so you can detect configuration errors before you run your application.
New asynchronous streaming support.
New HTTPS protocol mapping to make it easier to expose an endpoint over HTTPS with Internet Information Services (IIS).
Ability to generate metadata in a single WSDL document by appending
?singleWSDL
to the service URL.Websockets support to enable true bidirectional communication over ports 80 and 443 with performance characteristics similar to the TCP transport.
Support for configuring services in code.
XML Editor tooltips.
ChannelFactory caching support.
Binary encoder compression support.
Support for a UDP transport that enables developers to write services that use "fire and forget" messaging. A client sends a message to a service and expects no response from the service.
Ability to support multiple authentication modes on a single WCF endpoint when using the HTTP transport and transport security.
Support for WCF services that use internationalized domain names (IDNs).
For more information, see What's New in Windows Communication Foundation.
Windows Workflow Foundation (WF)
In .NET Framework 4.5, several new features were added to Windows Workflow Foundation (WF), including:
State machine workflows, which were first introduced as part of .NET Framework 4.0.1 (.NET Framework 4 Platform Update 1). This update included several new classes and activities that enabled developers to create state machine workflows. These classes and activities were updated for .NET Framework 4.5 to include:
The ability to set breakpoints on states.
The ability to copy and paste transitions in the workflow designer.
Designer support for shared trigger transition creation.
Activities for creating state machine workflows, including: StateMachine, State, and Transition.
Enhanced Workflow Designer features such as the following:
Enhanced workflow search capabilities in Visual Studio, including Quick Find and Find in Files.
Ability to automatically create a Sequence activity when a second child activity is added to a container activity, and to include both activities in the Sequence activity.
Panning support, which enables the visible portion of a workflow to be changed without using the scroll bars.
A new Document Outline view that shows the components of a workflow in a tree-style outline view and lets you select a component in the Document Outline view.
Ability to add annotations to activities.
Ability to define and consume activity delegates by using the workflow designer.
Auto-connect and auto-insert for activities and transitions in state machine and flowchart workflows.
Storage of the view state information for a workflow in a single element in the XAML file, so you can easily locate and edit the view state information.
A NoPersistScope container activity to prevent child activities from persisting.
Support for C# expressions:
Workflow projects that use Visual Basic will use Visual Basic expressions, and C# workflow projects will use C# expressions.
C# workflow projects that were created in Visual Studio 2010 and that have Visual Basic expressions are compatible with C# workflow projects that use C# expressions.
Versioning enhancements:
The new WorkflowIdentity class, which provides a mapping between a persisted workflow instance and its workflow definition.
Side-by-side execution of multiple workflow versions in the same host, including WorkflowServiceHost.
In Dynamic Update, the ability to modify the definition of a persisted workflow instance.
Contract-first workflow service development, which provides support for automatically generating activities to match an existing service contract.
For more information, see What's New in Windows Workflow Foundation.
.NET for Windows 8.x Store apps
Windows 8.x Store apps are designed for specific form factors and leverage the power of the Windows operating system. A subset of .NET Framework 4.5 or 4.5.1 is available for building Windows 8.x Store apps for Windows by using C# or Visual Basic. This subset is called .NET for Windows 8.x Store apps and is discussed in an overview.
Portable Class Libraries
The Portable Class Library project in Visual Studio 2012 (and later versions) enables you to write and build managed assemblies that work on multiple .NET Framework platforms. Using a Portable Class Library project, you choose the platforms (such as Windows Phone and .NET for Windows 8.x Store apps) to target. The available types and members in your project are automatically restricted to the common types and members across these platforms. For more information, see Portable Class Library.