Added in API level 9

Summary: Ctors | Methods | Inherited Methods

StrictMode.VmPolicy.Builder

Kotlin |Java

public static final class StrictMode.VmPolicy.Builder
extends Object

java.lang.Object
↳	android.os.StrictMode.VmPolicy.Builder

Creates VmPolicy instances. Methods whose names start with detect specify what problems we should look for. Methods whose names start with penalty specify what we should do when we detect a problem.

You can call as many detect and penalty methods as you like. Currently order is insignificant: all penalties apply to all detected problems.

For example, detect everything and log anything that's found:

 StrictMode.VmPolicy policy = new StrictMode.VmPolicy.Builder()
     .detectAll()
     .penaltyLog()
     .build();
 StrictMode.setVmPolicy(policy);

Summary

Public constructors
`Builder()`
`Builder(StrictMode.VmPolicy base)` Build upon an existing VmPolicy.

Public methods
`StrictMode.VmPolicy`	`build()` Construct the VmPolicy instance.
`StrictMode.VmPolicy.Builder`	`detectActivityLeaks()` Detect leaks of `Activity` subclasses.
`StrictMode.VmPolicy.Builder`	`detectAll()` Detect everything that's potentially suspect.
`StrictMode.VmPolicy.Builder`	`detectCleartextNetwork()` Detect any network traffic from the calling app which is not wrapped in SSL/TLS.
`StrictMode.VmPolicy.Builder`	`detectContentUriWithoutPermission()` Detect when the calling application sends a `content://` `Uri` to another app without setting `Intent.FLAG_GRANT_READ_URI_PERMISSION` or `Intent.FLAG_GRANT_WRITE_URI_PERMISSION`.
`StrictMode.VmPolicy.Builder`	`detectCredentialProtectedWhileLocked()` Detect access to filesystem paths stored in credential protected storage areas while the user is locked.
`StrictMode.VmPolicy.Builder`	`detectFileUriExposure()` Detect when the calling application exposes a `file://` `Uri` to another app.
`StrictMode.VmPolicy.Builder`	`detectImplicitDirectBoot()` Detect any implicit reliance on Direct Boot automatic filtering of `PackageManager` values.
`StrictMode.VmPolicy.Builder`	`detectIncorrectContextUse()` Detect attempts to invoke a method on a `Context` that is not suited for such operation.
`StrictMode.VmPolicy.Builder`	`detectLeakedClosableObjects()` Detect when an `Closeable` or other object with an explicit termination method is finalized without having been closed.
`StrictMode.VmPolicy.Builder`	`detectLeakedRegistrationObjects()` Detect when a `BroadcastReceiver` or `ServiceConnection` is leaked during `Context` teardown.
`StrictMode.VmPolicy.Builder`	`detectLeakedSqlLiteObjects()` Detect when an `SQLiteCursor` or other SQLite object is finalized without having been closed.
`StrictMode.VmPolicy.Builder`	`detectNonSdkApiUsage()` Detect reflective usage of APIs that are not part of the public Android SDK.
`StrictMode.VmPolicy.Builder`	`detectUnsafeIntentLaunch()` Detect when your app sends an unsafe `Intent`.
`StrictMode.VmPolicy.Builder`	`detectUntaggedSockets()` Detect any sockets in the calling app which have not been tagged using `TrafficStats`.
`StrictMode.VmPolicy.Builder`	`penaltyDeath()` Crashes the whole process on violation.
`StrictMode.VmPolicy.Builder`	`penaltyDeathOnCleartextNetwork()` Crashes the whole process when cleartext network traffic is detected.
`StrictMode.VmPolicy.Builder`	`penaltyDeathOnFileUriExposure()` Crashes the whole process when a `file://` `Uri` is exposed beyond this app.
`StrictMode.VmPolicy.Builder`	`penaltyDropBox()` Enable detected violations log a stacktrace and timing data to the `DropBox` on policy violation.
`StrictMode.VmPolicy.Builder`	`penaltyListener(Executor executor, StrictMode.OnVmViolationListener listener)` Call #`OnVmViolationListener#onVmViolation(Violation)` on every violation.
`StrictMode.VmPolicy.Builder`	`penaltyLog()` Log detected violations to the system log.
`StrictMode.VmPolicy.Builder`	`permitNonSdkApiUsage()` Permit reflective usage of APIs that are not part of the public Android SDK.
`StrictMode.VmPolicy.Builder`	`permitUnsafeIntentLaunch()` Permit your app to launch any `Intent` which originated from outside your app.
`StrictMode.VmPolicy.Builder`	`setClassInstanceLimit(Class<T> klass, int instanceLimit)` Set an upper bound on how many instances of a class can be in memory at once.

Inherited methods

From class


        
          java.lang.Object

`Object`	`clone()` Creates and returns a copy of this object.
`boolean`	`equals(Object obj)` Indicates whether some other object is "equal to" this one.
`void`	`finalize()` Called by the garbage collector on an object when garbage collection determines that there are no more references to the object.
`final Class<?>`	`getClass()` Returns the runtime class of this `Object`.
`int`	`hashCode()` Returns a hash code value for the object.
`final void`	`notify()` Wakes up a single thread that is waiting on this object's monitor.
`final void`	`notifyAll()` Wakes up all threads that are waiting on this object's monitor.
`String`	`toString()` Returns a string representation of the object.
`final void`	`wait(long timeoutMillis, int nanos)` Causes the current thread to wait until it is awakened, typically by being notified or interrupted, or until a certain amount of real time has elapsed.
`final void`	`wait(long timeoutMillis)` Causes the current thread to wait until it is awakened, typically by being notified or interrupted, or until a certain amount of real time has elapsed.
`final void`	`wait()` Causes the current thread to wait until it is awakened, typically by being notified or interrupted.

Public constructors

Builder

Added in API level 9

public Builder ()

Builder

Added in API level 11

public Builder (StrictMode.VmPolicy base)

Build upon an existing VmPolicy.

Parameters
`base`	`StrictMode.VmPolicy`

Public methods

build

Added in API level 9

public StrictMode.VmPolicy build ()

Construct the VmPolicy instance.

Note: if no penalties are enabled before calling build, penaltyLog() is implicitly set.

Returns
`StrictMode.VmPolicy`

detectActivityLeaks

Added in API level 11

public StrictMode.VmPolicy.Builder detectActivityLeaks ()

Detect leaks of Activity subclasses.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

detectAll

Added in API level 9

public StrictMode.VmPolicy.Builder detectAll ()

Detect everything that's potentially suspect.

In the Honeycomb release this includes leaks of SQLite cursors, Activities, and other closable objects but will likely expand in future releases.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

detectCleartextNetwork

Added in API level 23

public StrictMode.VmPolicy.Builder detectCleartextNetwork ()

Detect any network traffic from the calling app which is not wrapped in SSL/TLS. This can help you detect places that your app is inadvertently sending cleartext data across the network.

Using penaltyDeath() or penaltyDeathOnCleartextNetwork() will block further traffic on that socket to prevent accidental data leakage, in addition to crashing your process.

Using penaltyDropBox() will log the raw contents of the packet that triggered the violation.

This inspects both IPv4/IPv6 and TCP/UDP network traffic, but it may be subject to false positives, such as when STARTTLS protocols or HTTP proxies are used.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

detectContentUriWithoutPermission

Added in API level 26

public StrictMode.VmPolicy.Builder detectContentUriWithoutPermission ()

Detect when the calling application sends a content:// Uri to another app without setting Intent.FLAG_GRANT_READ_URI_PERMISSION or Intent.FLAG_GRANT_WRITE_URI_PERMISSION.

Forgetting to include one or more of these flags when sending an intent is typically an app bug.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

See also:

detectCredentialProtectedWhileLocked

Added in API level 29

public StrictMode.VmPolicy.Builder detectCredentialProtectedWhileLocked ()

Detect access to filesystem paths stored in credential protected storage areas while the user is locked.

When a user is locked, credential protected storage is unavailable, and files stored in these locations appear to not exist, which can result in subtle app bugs if they assume default behaviors or empty states. Instead, apps should store data needed while a user is locked under device protected storage areas.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

See also:

Context.createDeviceProtectedStorageContext()

detectFileUriExposure

Added in API level 18

public StrictMode.VmPolicy.Builder detectFileUriExposure ()

Detect when the calling application exposes a file:// Uri to another app.

This exposure is discouraged since the receiving app may not have access to the shared path. For example, the receiving app may not have requested the Manifest.permission.READ_EXTERNAL_STORAGE runtime permission, or the platform may be sharing the Uri across user profile boundaries.

Instead, apps should use content:// Uris so the platform can extend temporary permission for the receiving app to access the resource.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

See also:

detectImplicitDirectBoot

Added in API level 29

public StrictMode.VmPolicy.Builder detectImplicitDirectBoot ()

Detect any implicit reliance on Direct Boot automatic filtering of PackageManager values. Violations are only triggered when implicit calls are made while the user is locked.

Apps becoming Direct Boot aware need to carefully inspect each query site and explicitly decide which combination of flags they want to use:

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

detectIncorrectContextUse

Added in API level 31

public StrictMode.VmPolicy.Builder detectIncorrectContextUse ()

Detect attempts to invoke a method on a Context that is not suited for such operation.

An example of this is trying to obtain an instance of UI service (e.g. WindowManager) from a non-visual Context. This is not allowed, since a non-visual Context is not adjusted to any visual area, and therefore can report incorrect metrics or resources.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

See also:

detectLeakedClosableObjects

Added in API level 11

public StrictMode.VmPolicy.Builder detectLeakedClosableObjects ()

Detect when an Closeable or other object with an explicit termination method is finalized without having been closed.

You always want to explicitly close such objects to avoid unnecessary resources leaks.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

detectLeakedRegistrationObjects

Added in API level 16

public StrictMode.VmPolicy.Builder detectLeakedRegistrationObjects ()

Detect when a BroadcastReceiver or ServiceConnection is leaked during Context teardown.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

detectLeakedSqlLiteObjects

Added in API level 9

public StrictMode.VmPolicy.Builder detectLeakedSqlLiteObjects ()

Detect when an SQLiteCursor or other SQLite object is finalized without having been closed.

You always want to explicitly close your SQLite cursors to avoid unnecessary database contention and temporary memory leaks.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

detectNonSdkApiUsage

Added in API level 28

public StrictMode.VmPolicy.Builder detectNonSdkApiUsage ()

Detect reflective usage of APIs that are not part of the public Android SDK.

Note that any non-SDK APIs that this processes accesses before this detection is enabled may not be detected. To ensure that all such API accesses are detected, you should apply this policy as early as possible after process creation.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

detectUnsafeIntentLaunch

Added in API level 31

public StrictMode.VmPolicy.Builder detectUnsafeIntentLaunch ()

Detect when your app sends an unsafe Intent.

Violations may indicate security vulnerabilities in the design of your app, where a malicious app could trick you into granting Uri permissions or launching unexported components. Here are some typical design patterns that can be used to safely resolve these violations:

If you are sending an implicit intent to an unexported component, you should make it an explicit intent by using Intent#setPackage, Intent#setClassName or Intent#setComponent.
If you are unparceling and sending an intent from the intent delivered, The ideal approach is to migrate to using a PendingIntent, which ensures that your launch is performed using the identity of the original creator, completely avoiding the security issues described above.
If using a PendingIntent isn't feasible, an alternative approach is to create a brand new Intent and carefully copy only specific values from the original Intent after careful validation.

Note that this may detect false-positives if your app sends itself an Intent which is first routed through the OS, such as using Intent#createChooser. In these cases, careful inspection is required to determine if the return point into your app is appropriately protected with a signature permission or marked as unexported. If the return point is not protected, your app is likely vulnerable to malicious apps.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

See also:

detectUntaggedSockets

Added in API level 26

public StrictMode.VmPolicy.Builder detectUntaggedSockets ()

Detect any sockets in the calling app which have not been tagged using TrafficStats. Tagging sockets can help you investigate network usage inside your app, such as a narrowing down heavy usage to a specific library or component.

This currently does not detect sockets created in native code.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

See also:

penaltyDeath

Added in API level 9

public StrictMode.VmPolicy.Builder penaltyDeath ()

Crashes the whole process on violation. This penalty runs at the end of all enabled penalties so you'll still get your logging or other violations before the process dies.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

penaltyDeathOnCleartextNetwork

Added in API level 23

public StrictMode.VmPolicy.Builder penaltyDeathOnCleartextNetwork ()

Crashes the whole process when cleartext network traffic is detected.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

See also:

detectCleartextNetwork()

penaltyDeathOnFileUriExposure

Added in API level 24

public StrictMode.VmPolicy.Builder penaltyDeathOnFileUriExposure ()

Crashes the whole process when a file:// Uri is exposed beyond this app.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

See also:

detectFileUriExposure()

penaltyDropBox

Added in API level 9

public StrictMode.VmPolicy.Builder penaltyDropBox ()

Enable detected violations log a stacktrace and timing data to the DropBox on policy violation. Intended mostly for platform integrators doing beta user field data collection.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

penaltyListener

Added in API level 28

public StrictMode.VmPolicy.Builder penaltyListener (Executor executor, 
                StrictMode.OnVmViolationListener listener)

Call #OnVmViolationListener#onVmViolation(Violation) on every violation.

Parameters
`executor`	`Executor`: This value cannot be `null`.
`listener`	`StrictMode.OnVmViolationListener`: This value cannot be `null`.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

penaltyLog

Added in API level 9

public StrictMode.VmPolicy.Builder penaltyLog ()

Log detected violations to the system log.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

permitNonSdkApiUsage

Added in API level 28

public StrictMode.VmPolicy.Builder permitNonSdkApiUsage ()

Permit reflective usage of APIs that are not part of the public Android SDK. Note that this only affects StrictMode, the underlying runtime may continue to restrict or warn on access to methods that are not part of the public SDK.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

permitUnsafeIntentLaunch

Added in API level 31

public StrictMode.VmPolicy.Builder permitUnsafeIntentLaunch ()

Permit your app to launch any Intent which originated from outside your app.

Disabling this check is strongly discouraged, as violations may indicate security vulnerabilities in the design of your app, where a malicious app could trick you into granting Uri permissions or launching unexported components.

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.

See also:

detectUnsafeIntentLaunch()

setClassInstanceLimit

Added in API level 11

public StrictMode.VmPolicy.Builder setClassInstanceLimit (Class<T> klass, 
                int instanceLimit)

Set an upper bound on how many instances of a class can be in memory at once. Helps to prevent object leaks.

Parameters
`klass`	`Class`
`instanceLimit`	`int`

Returns
`StrictMode.VmPolicy.Builder`	This value cannot be `null`.