SQLiteQueryBuilder.SetStrict(Boolean) Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
When set, the selection is verified against malicious arguments.
[Android.Runtime.Register("setStrict", "(Z)V", "GetSetStrict_ZHandler")]
public virtual void SetStrict (bool strict);
[<Android.Runtime.Register("setStrict", "(Z)V", "GetSetStrict_ZHandler")>]
abstract member SetStrict : bool -> unit
override this.SetStrict : bool -> unit
Parameters
- strict
- Boolean
- Attributes
Remarks
When set, the selection is verified against malicious arguments. When using this class to create a statement using #buildQueryString(boolean, String, String[], String, String, String, String, String)
, non-numeric limits will raise an exception. If a projection map is specified, fields not in that map will be ignored. If this class is used to execute the statement directly using #query(SQLiteDatabase, String[], String, String[], String, String, String)
or #query(SQLiteDatabase, String[], String, String[], String, String, String, String)
, additionally also parenthesis escaping selection are caught. To summarize: To get maximum protection against malicious third party apps (for example content provider consumers), make sure to do the following: <ul> <li>Set this value to true</li> <li>Use a projection map</li> <li>Use one of the query overloads instead of getting the statement as a sql string</li> </ul>
This feature is disabled by default on each newly constructed SQLiteQueryBuilder
and needs to be manually enabled.
Java documentation for android.database.sqlite.SQLiteQueryBuilder.setStrict(boolean)
.
Portions of this page are modifications based on work created and shared by the Android Open Source Project and used according to terms described in the Creative Commons 2.5 Attribution License.