summaryrefslogtreecommitdiff
path: root/utils/src/test/java/at/gv/egiz/slbinding/UnmarshallCXSRTest.java
diff options
context:
space:
mode:
Diffstat (limited to 'utils/src/test/java/at/gv/egiz/slbinding/UnmarshallCXSRTest.java')
-rw-r--r--utils/src/test/java/at/gv/egiz/slbinding/UnmarshallCXSRTest.java6
1 files changed, 6 insertions, 0 deletions
diff --git a/utils/src/test/java/at/gv/egiz/slbinding/UnmarshallCXSRTest.java b/utils/src/test/java/at/gv/egiz/slbinding/UnmarshallCXSRTest.java
index 62a8d622..5f97be0f 100644
--- a/utils/src/test/java/at/gv/egiz/slbinding/UnmarshallCXSRTest.java
+++ b/utils/src/test/java/at/gv/egiz/slbinding/UnmarshallCXSRTest.java
@@ -77,6 +77,12 @@ public class UnmarshallCXSRTest {
Object value = ((JAXBElement<?>) object).getValue();
assertFalse(value.getClass().getName(), value instanceof CreateXMLSignatureResponseType);
+ /* If the parser has no exception and no CreateXMLSignatureResponseType than the test fails, because
+ * the tested XML document contains a CreateXMLSignatureResponseType and an XXE, SSRF attack vector.
+ * Consequently, the parser result has to be an error
+ */
+ assertFalse(true);
+
} catch (XMLStreamException e) {
assertTrue(e.getClass().getName(), e instanceof XMLStreamException);