From 0603c0fbdfe028113431c65590b6e7e28929f6f6 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Fri, 23 Jun 2017 06:50:14 +0200
Subject: some small refactoring and code documentation

---
 utils/src/test/java/at/gv/egiz/slbinding/UnmarshallCXSRTest.java | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'utils/src/test')

diff --git a/utils/src/test/java/at/gv/egiz/slbinding/UnmarshallCXSRTest.java b/utils/src/test/java/at/gv/egiz/slbinding/UnmarshallCXSRTest.java
index 62a8d622..5f97be0f 100644
--- a/utils/src/test/java/at/gv/egiz/slbinding/UnmarshallCXSRTest.java
+++ b/utils/src/test/java/at/gv/egiz/slbinding/UnmarshallCXSRTest.java
@@ -77,6 +77,12 @@ public class UnmarshallCXSRTest {
 	    Object value = ((JAXBElement<?>) object).getValue();	    
 	    assertFalse(value.getClass().getName(), value instanceof CreateXMLSignatureResponseType);
 		
+	    /* If the parser has no exception and no CreateXMLSignatureResponseType than the test fails, because 
+	     * the tested XML document contains a CreateXMLSignatureResponseType and an XXE, SSRF attack vector.
+	     * Consequently, the parser result has to be an error
+	     */
+	    assertFalse(true);
+	    
 	} catch (XMLStreamException e) {
 		assertTrue(e.getClass().getName(), e instanceof XMLStreamException);
 		
-- 
cgit v1.2.3