News
Microsoft Releases .NET Framework 4.7.2
Microsoft's new .NET Core 2.0 and .NET Standard 2.0 offerings may be generating the most buzz among .NET developers these days, but for many use cases the traditional .NET Framework is still the best choice, just released in version 4.7.2.
The new .NET Framework 4.7.2 is the next major update following the October 2017 release of v4.7.1, which added support for .NET Standard 2.0, defining APIs that all conformant .NET implementations must provide to ensure consistent API usage across development projects, replacing the previous Portable Class Libraries (PCL) as the means to create libraries for all scenarios.
While .NET Core offers cross-platform functionality and more, the 16-year-old .NET Framework is still an optimal choice for targeting Windows desktop projects such as WinForms, WPF and ASP.NET WebForms apps.
Both .NET Core and .NET Framework are used for creating server-side apps, and Microsoft says in determining which to use, to consider:
- Using .NET Framework for your server application when:
- Your app currently uses .NET Framework (recommendation is to extend instead of migrating).
- Your app uses third-party .NET libraries or NuGet packages not available for .NET Core.
- Your app uses .NET technologies that aren't available for .NET Core.
- Your app uses a platform that doesn’t support .NET Core.
- Using .NET Core for your server application when:
- You have cross-platform needs.
- You are targeting microservices.
- You are using Docker containers.
- You need high-performance and scalable systems.
- You need side-by-side .NET versions per application.
Microsoft also provided guidance about when and when not to consider porting existing .NET Framework projects to .NET Core.
As noted one of main use cases for .NET Framework is ASP.NET Web apps, and in that area the new 4.7.2 release has added several improvements, Microsoft said in a post yesterday (April 30), notably:
-
Support for dependency injection (DI) in Web Forms apps. While DI is already supported by the MVC Framework, it was much harder to implement for ASP.NET Web Forms. Microsoft describes DI as "a technique whereby one object supplies the dependencies of another object. It decouples the objects so that no client code has to be changed simply because an object it depends on needs to be changed to a different one." Microsoft said the new DI functionality in ASP.NET Web Forms applications will support:
- Setter-based, interface-based and constructor-based injection in Web application projects in Handler, Module, Page, User control and Custom control.
- Setter-based and interface-based injection in Web site projects in Handler, Module, Page, User controls and Custom controls.
- Extensibility to support different DI frameworks.
-
SameSite Cookie. This prevents browsers from sending this cookie along with cross-site requests, Microsoft said. "In .NET Framework 4.7.2, a new property SameSite has been added in HttpCookie type and ASP.NET will add a SameSite attribute into the set-cookie header if HttpCookie.SameSite is set to SameSiteMode.Strict or SameSiteMode.Lax. The support for SameSite cookie is two-fold in this case:
- In HttpCookie object
- In FormsAuthentication and SessionState cookies
Microsoft has also beefed up SQL query security with the addition of a new Azure AD Interactive authentication keyword to support Multi-Factor Authentication (MFA). That will prevent the need to include a password directly in a connection string. It also enables support for Azure AD Authentication.
A host of other improvements, bug fixes and tweaks were made to the various .NET Framework components, and you can check them out in the .NET Framework 4.7.2 Release Notes on GitHub. Specific sections include:
.NET Framework 4.7.2 is included in the Windows 10 April 2018 Update and can be installed for Windows 7+ and Windows Server 2008 R2+ via a Web installer or offline installer (note that clicking on links initiates a download).
Microsoft yesterday announced that the Windows 10 April 2018 Update (build 17134.1) and SDK are now available.
About the Author
David Ramel is an editor and writer at Converge 360.