title | description | ms.date |
---|---|---|
Breaking change: Certificates checked before loading remote images in PictureBox |
Learn about the .NET 9 breaking change in Windows Forms where WebClient checks certificates against the revocation list before loading remote images in a PictureBox control. |
02/12/2024 |
The behavior of how xref:System.Windows.Forms.PictureBox loads a remote image changed in .NET 8. Now, before an image is loaded via xref:System.Net.WebClient, xref:System.Net.ServicePointManager.CheckCertificateRevocationList?displayProperty=nameWithType is set to true
, so WebClient
checks certificates against the certificate revocation list (CRL) as part of the validation process.
Previously, xref:System.Net.ServicePointManager.CheckCertificateRevocationList?displayProperty=nameWithType was not set to true
. When WebClient
loaded the remote image to a xref:System.Windows.Forms.PictureBox control, it didn't check certificates against the CRL as part of validation process.
Starting in .NET 8, xref:System.Net.ServicePointManager.CheckCertificateRevocationList?displayProperty=nameWithType is set to true
, and WebClient
checks certificates against the CRL as part of the validation process when loading a remote image in a PictureBox
control. After the image is loaded, CheckCertificateRevocationList
will be true
for rest of the app's lifetime.
.NET 8
This change is a behavioral change.
It's considered best practice to set xref:System.Net.ServicePointManager.CheckCertificateRevocationList?displayProperty=nameWithType to true
before creating WebClient
or WebRequest
objects, so that those objects don't accept revoked certificates as valid.
The effects of this change are outlined at Load behavior changes. If you want to revert to the previous behavior, that article also describes how to do so via a switch.
- xref:System.Windows.Forms.PictureBox?displayProperty=fullName