Save the date! Android Dev Summit is coming to Mountain View, CA on November 7-8, 2018.

UrlQuerySanitizer.IllegalCharacterValueSanitizer

public static class UrlQuerySanitizer.IllegalCharacterValueSanitizer
extends Object implements UrlQuerySanitizer.ValueSanitizer

java.lang.Object
   ↳ android.net.UrlQuerySanitizer.IllegalCharacterValueSanitizer


Sanitize values based on which characters they contain. Illegal characters are replaced with either space or '_', depending upon whether space is a legal character or not.

Summary

Constants

int ALL_BUT_NUL_AND_ANGLE_BRACKETS_LEGAL

  • Allow all but.

int ALL_BUT_NUL_LEGAL

  • Allow all special characters except Nul.

int ALL_BUT_WHITESPACE_LEGAL

  • Allow all special characters except for:
    • whitespace characters
    • Nul ('\0')
  • Allow script URLs.

int ALL_ILLEGAL

  • Deny all special characters.

int ALL_OK

Mask with all fields set to OK

int ALL_WHITESPACE_OK

Mask with both regular space and other whitespace OK

int AMP_AND_SPACE_LEGAL

  • Allow ampersand.

int AMP_LEGAL

  • Allow ampersand.

int AMP_OK

Allow ampersand characters ('&')

int DQUOTE_OK

Allow double quote characters.

int GT_OK

Allow greater-than characters.

int LT_OK

Allow less-than characters.

int NON_7_BIT_ASCII_OK

Allow characters with character codes 128 to 255.

int NUL_OK

Allow nul characters ('\0')

int OTHER_WHITESPACE_OK

Allow whitespace characters other than space.

int PCT_OK

Allow percent-sign characters ('%')

int SCRIPT_URL_OK

Allow text to start with a script URL such as "javascript:" or "vbscript:"

int SPACE_LEGAL

  • Allow space.

int SPACE_OK

Allow space (' ') characters.

int SQUOTE_OK

Allow single quote characters.

int URL_AND_SPACE_LEGAL

  • Allow characters used by encoded URLs.

int URL_LEGAL

  • Allow characters used by encoded URLs.

Public constructors

UrlQuerySanitizer.IllegalCharacterValueSanitizer(int flags)

Construct a sanitizer.

Public methods

String sanitize(String value)

Sanitize a value.

Inherited methods

Constants

added in API level 1
public static final int ALL_BUT_NUL_AND_ANGLE_BRACKETS_LEGAL

  • Allow all but.
    • Nul ('\0')
    • Angle brackets ('<', '>')
  • Deny script URLs.

Constant Value: 1439 (0x0000059f)

added in API level 1
public static final int ALL_BUT_NUL_LEGAL

  • Allow all special characters except Nul. ('\0').
  • Allow script URLs.

Constant Value: 1535 (0x000005ff)

added in API level 1
public static final int ALL_BUT_WHITESPACE_LEGAL

  • Allow all special characters except for:
    • whitespace characters
    • Nul ('\0')
  • Allow script URLs.

Constant Value: 1532 (0x000005fc)

ALL_ILLEGAL

added in API level 1
public static final int ALL_ILLEGAL

  • Deny all special characters.
  • Deny script URLs.

Constant Value: 0 (0x00000000)

ALL_OK

added in API level 1
public static final int ALL_OK

Mask with all fields set to OK

Constant Value: 2047 (0x000007ff)

ALL_WHITESPACE_OK

added in API level 1
public static final int ALL_WHITESPACE_OK

Mask with both regular space and other whitespace OK

Constant Value: 3 (0x00000003)

added in API level 1
public static final int AMP_AND_SPACE_LEGAL

  • Allow ampersand.
  • Allow space.
  • Deny script URLs.

Constant Value: 129 (0x00000081)

added in API level 1
public static final int AMP_LEGAL

  • Allow ampersand.
  • Deny script URLs.

Constant Value: 128 (0x00000080)

AMP_OK

added in API level 1
public static final int AMP_OK

Allow ampersand characters ('&')

Constant Value: 128 (0x00000080)

DQUOTE_OK

added in API level 1
public static final int DQUOTE_OK

Allow double quote characters. ('"')

Constant Value: 8 (0x00000008)

GT_OK

added in API level 1
public static final int GT_OK

Allow greater-than characters. ('>')

Constant Value: 64 (0x00000040)

LT_OK

added in API level 1
public static final int LT_OK

Allow less-than characters. ('<')

Constant Value: 32 (0x00000020)

NON_7_BIT_ASCII_OK

added in API level 1
public static final int NON_7_BIT_ASCII_OK

Allow characters with character codes 128 to 255.

Constant Value: 4 (0x00000004)

NUL_OK

added in API level 1
public static final int NUL_OK

Allow nul characters ('\0')

Constant Value: 512 (0x00000200)

OTHER_WHITESPACE_OK

added in API level 1
public static final int OTHER_WHITESPACE_OK

Allow whitespace characters other than space. The other whitespace characters are '\t' '\f' '\n' '\r' and '\0x000b' (vertical tab)

Constant Value: 2 (0x00000002)

PCT_OK

added in API level 1
public static final int PCT_OK

Allow percent-sign characters ('%')

Constant Value: 256 (0x00000100)

SCRIPT_URL_OK

added in API level 1
public static final int SCRIPT_URL_OK

Allow text to start with a script URL such as "javascript:" or "vbscript:"

Constant Value: 1024 (0x00000400)

added in API level 1
public static final int SPACE_LEGAL

  • Allow space.
  • Deny script URLs.

Constant Value: 1 (0x00000001)

SPACE_OK

added in API level 1
public static final int SPACE_OK

Allow space (' ') characters.

Constant Value: 1 (0x00000001)

SQUOTE_OK

added in API level 1
public static final int SQUOTE_OK

Allow single quote characters. ('\'')

Constant Value: 16 (0x00000010)

added in API level 1
public static final int URL_AND_SPACE_LEGAL

  • Allow characters used by encoded URLs.
  • Allow spaces.
  • Deny script URLs.

Constant Value: 405 (0x00000195)

added in API level 1
public static final int URL_LEGAL

  • Allow characters used by encoded URLs.
  • Deny script URLs.

Constant Value: 404 (0x00000194)

Public constructors

UrlQuerySanitizer.IllegalCharacterValueSanitizer

added in API level 1
public UrlQuerySanitizer.IllegalCharacterValueSanitizer (int flags)

Construct a sanitizer. The parameters set the behavior of the sanitizer.

Parameters
flags int: some combination of the XXX_OK flags.

Public methods

sanitize

added in API level 1
public String sanitize (String value)

Sanitize a value.

  1. If script URLs are not OK, the will be removed.
  2. If neither spaces nor other white space is OK, then white space will be trimmed from the beginning and end of the URL. (Just the actual white space characters are trimmed, not other control codes.)
  3. Illegal characters will be replaced with either ' ' or '_', depending on whether a space is itself a legal character.

Returns
String the sanitized value