public static class

UrlQuerySanitizer.IllegalCharacterValueSanitizer

extends Object
implements UrlQuerySanitizer.ValueSanitizer
java.lang.Object
   ↳ android.net.UrlQuerySanitizer.IllegalCharacterValueSanitizer

Class Overview

Sanitize values based on which characters they contain. Illegal characters are replaced with either space or '_', depending upon whether space is a legal character or not.

Summary

Constants
int ALL_BUT_NUL_AND_ANGLE_BRACKETS_LEGAL
  • Allow all but.
int ALL_BUT_NUL_LEGAL
  • Allow all special characters except Nul.
int ALL_BUT_WHITESPACE_LEGAL
  • Allow all special characters except for:
    • whitespace characters
    • Nul ('\0')
  • Allow script URLs.
int ALL_ILLEGAL
  • Deny all special characters.
int ALL_OK Mask with all fields set to OK
int ALL_WHITESPACE_OK Mask with both regular space and other whitespace OK
int AMP_AND_SPACE_LEGAL
  • Allow ampersand.
int AMP_LEGAL
  • Allow ampersand.
int AMP_OK Allow ampersand characters ('&')
int DQUOTE_OK Allow double quote characters.
int GT_OK Allow greater-than characters.
int LT_OK Allow less-than characters.
int NON_7_BIT_ASCII_OK Allow characters with character codes 128 to 255.
int NUL_OK Allow nul characters ('\0')
int OTHER_WHITESPACE_OK Allow whitespace characters other than space.
int PCT_OK Allow percent-sign characters ('%')
int SCRIPT_URL_OK Allow text to start with a script URL such as "javascript:" or "vbscript:"
int SPACE_LEGAL
  • Allow space.
int SPACE_OK Allow space (' ') characters.
int SQUOTE_OK Allow single quote characters.
int URL_AND_SPACE_LEGAL
  • Allow characters used by encoded URLs.
int URL_LEGAL
  • Allow characters used by encoded URLs.
Public Constructors
UrlQuerySanitizer.IllegalCharacterValueSanitizer(int flags)
Construct a sanitizer.
Public Methods
String sanitize(String value)
Sanitize a value.
[Expand]
Inherited Methods
From class java.lang.Object
From interface android.net.UrlQuerySanitizer.ValueSanitizer

Constants

public static final int ALL_BUT_NUL_AND_ANGLE_BRACKETS_LEGAL

  • Allow all but.
    • Nul ('\0')
    • Angle brackets ('<', '>')
  • Deny script URLs.

Constant Value: 1439 (0x0000059f)

public static final int ALL_BUT_NUL_LEGAL

  • Allow all special characters except Nul. ('\0').
  • Allow script URLs.

Constant Value: 1535 (0x000005ff)

public static final int ALL_BUT_WHITESPACE_LEGAL

  • Allow all special characters except for:
    • whitespace characters
    • Nul ('\0')
  • Allow script URLs.

Constant Value: 1532 (0x000005fc)

public static final int ALL_ILLEGAL

  • Deny all special characters.
  • Deny script URLs.

Constant Value: 0 (0x00000000)

public static final int ALL_OK

Mask with all fields set to OK

Constant Value: 2047 (0x000007ff)

public static final int ALL_WHITESPACE_OK

Mask with both regular space and other whitespace OK

Constant Value: 3 (0x00000003)

public static final int AMP_AND_SPACE_LEGAL

  • Allow ampersand.
  • Allow space.
  • Deny script URLs.

Constant Value: 129 (0x00000081)

public static final int AMP_LEGAL

  • Allow ampersand.
  • Deny script URLs.

Constant Value: 128 (0x00000080)

public static final int AMP_OK

Allow ampersand characters ('&')

Constant Value: 128 (0x00000080)

public static final int DQUOTE_OK

Allow double quote characters. ('"')

Constant Value: 8 (0x00000008)

public static final int GT_OK

Allow greater-than characters. ('>')

Constant Value: 64 (0x00000040)

public static final int LT_OK

Allow less-than characters. ('<')

Constant Value: 32 (0x00000020)

public static final int NON_7_BIT_ASCII_OK

Allow characters with character codes 128 to 255.

Constant Value: 4 (0x00000004)

public static final int NUL_OK

Allow nul characters ('\0')

Constant Value: 512 (0x00000200)

public static final int OTHER_WHITESPACE_OK

Allow whitespace characters other than space. The other whitespace characters are '\t' '\f' '\n' '\r' and '\0x000b' (vertical tab)

Constant Value: 2 (0x00000002)

public static final int PCT_OK

Allow percent-sign characters ('%')

Constant Value: 256 (0x00000100)

public static final int SCRIPT_URL_OK

Allow text to start with a script URL such as "javascript:" or "vbscript:"

Constant Value: 1024 (0x00000400)

public static final int SPACE_LEGAL

  • Allow space.
  • Deny script URLs.

Constant Value: 1 (0x00000001)

public static final int SPACE_OK

Allow space (' ') characters.

Constant Value: 1 (0x00000001)

public static final int SQUOTE_OK

Allow single quote characters. ('\'')

Constant Value: 16 (0x00000010)

public static final int URL_AND_SPACE_LEGAL

  • Allow characters used by encoded URLs.
  • Allow spaces.
  • Deny script URLs.

Constant Value: 405 (0x00000195)

public static final int URL_LEGAL

  • Allow characters used by encoded URLs.
  • Deny script URLs.

Constant Value: 404 (0x00000194)

Public Constructors

public UrlQuerySanitizer.IllegalCharacterValueSanitizer (int flags)

Construct a sanitizer. The parameters set the behavior of the sanitizer.

Parameters
flags some combination of the XXX_OK flags.

Public Methods

public String sanitize (String value)

Sanitize a value.

  1. If script URLs are not OK, the will be removed.
  2. If neither spaces nor other white space is OK, then white space will be trimmed from the beginning and end of the URL. (Just the actual white space characters are trimmed, not other control codes.)
  3. Illegal characters will be replaced with either ' ' or '_', depending on whether a space is itself a legal character.

Returns
  • the sanitized value