Android的APK上自定义了一个ContentProvider,但是在调用者使用时出现的错误"java.lang.SecurityException: Permission Denial: opening provider ***"。
查询了半天才发现是由于在声明ContentProvider的时候没有声明android:exported="true"导致的。
从目前的测试情况来看,跟Android的版本有关系,目前看到在低版本的Android系统上面,这个如果不设置,默认是自动导出的,但是在高版本的Android上面,默认就是不导出了,这就导致一个问题,就是相同的APK在不同系统上面会出现不同的行为。因此要求必须显示指定这个字段。
注意如下说明:
android:exported Whether the content provider is available for other applications to use: true: The provider is available to other applications. Any application can use the provider's content URI to access it, subject to the permissions specified for the provider. false: The provider is not available to other applications. Set android:exported="false" to limit access to the provider to your applications. Only applications that have the same user ID (UID) as the provider will have access to it. The default value is "true" for applications that set either android:minSdkVersion or android:targetSdkVersion to "16" or lower. For applications that set either of these attributes to "17" or higher, the default is "false". You can set android:exported="false" and still limit access to your provider by setting permissions with the permission attribute.