diff --git a/python/ql/test/experimental/query-tests/Security/CWE-091-XsltInjection/XsltInjection.expected b/python/ql/test/experimental/query-tests/Security/CWE-091-XsltInjection/XsltInjection.expected
index 53e1d19112e..28c85388a97 100644
--- a/python/ql/test/experimental/query-tests/Security/CWE-091-XsltInjection/XsltInjection.expected
+++ b/python/ql/test/experimental/query-tests/Security/CWE-091-XsltInjection/XsltInjection.expected
@@ -129,10 +129,3 @@ nodes
| xsltInjection.py:46:38:46:48 | ControlFlowNode for xsltStrings [List element] | semmle.label | ControlFlowNode for xsltStrings [List element] |
| xsltInjection.py:50:24:50:32 | ControlFlowNode for xslt_root | semmle.label | ControlFlowNode for xslt_root |
subpaths
-testFailures
-| xslt.py:14:29:14:37 | ControlFlowNode for xslt_root | Unexpected result: Alert |
-| xsltInjection.py:12:28:12:36 | ControlFlowNode for xslt_root | Unexpected result: Alert |
-| xsltInjection.py:21:29:21:37 | ControlFlowNode for xslt_root | Unexpected result: Alert |
-| xsltInjection.py:31:24:31:32 | ControlFlowNode for xslt_root | Unexpected result: Alert |
-| xsltInjection.py:40:24:40:32 | ControlFlowNode for xslt_root | Unexpected result: Alert |
-| xsltInjection.py:50:24:50:32 | ControlFlowNode for xslt_root | Unexpected result: Alert |
diff --git a/python/ql/test/experimental/query-tests/Security/CWE-091-XsltInjection/xslt.py b/python/ql/test/experimental/query-tests/Security/CWE-091-XsltInjection/xslt.py
index 6464d35811b..b589f453a9b 100644
--- a/python/ql/test/experimental/query-tests/Security/CWE-091-XsltInjection/xslt.py
+++ b/python/ql/test/experimental/query-tests/Security/CWE-091-XsltInjection/xslt.py
@@ -11,4 +11,4 @@ def bad():
xslt_root = etree.XML(xsltQuery)
f = StringIO('')
tree = etree.parse(f)
- result_tree = tree.xslt(xslt_root) # Not OK # $ Alert
+ result_tree = tree.xslt(xslt_root) # $ Alert # Not OK
diff --git a/python/ql/test/experimental/query-tests/Security/CWE-091-XsltInjection/xsltInjection.py b/python/ql/test/experimental/query-tests/Security/CWE-091-XsltInjection/xsltInjection.py
index 9f8a25f2e61..2e56ff487ca 100644
--- a/python/ql/test/experimental/query-tests/Security/CWE-091-XsltInjection/xsltInjection.py
+++ b/python/ql/test/experimental/query-tests/Security/CWE-091-XsltInjection/xsltInjection.py
@@ -9,7 +9,7 @@ app = Flask(__name__)
def a():
xsltQuery = request.args.get('xml', '')
xslt_root = etree.XML(xsltQuery)
- transform = etree.XSLT(xslt_root) # Not OK # $ Alert
+ transform = etree.XSLT(xslt_root) # $ Alert # Not OK
@app.route("/xslt2")
@@ -18,7 +18,7 @@ def b():
xslt_root = etree.XML(xsltQuery)
f = StringIO('')
tree = etree.parse(f)
- result_tree = tree.xslt(xslt_root) # Not OK # $ Alert
+ result_tree = tree.xslt(xslt_root) # $ Alert # Not OK
@app.route("/xslt3")
@@ -28,7 +28,7 @@ def c():
f = StringIO('')
tree = etree.parse(f)
- result = tree.xslt(xslt_root, a="'A'") # Not OK # $ Alert
+ result = tree.xslt(xslt_root, a="'A'") # $ Alert # Not OK
@app.route("/xslt4")
def d():
@@ -37,7 +37,7 @@ def d():
f = StringIO('')
tree = etree.parse(f)
- result = tree.xslt(xslt_root, a="'A'") # Not OK # $ Alert
+ result = tree.xslt(xslt_root, a="'A'") # $ Alert # Not OK
@app.route("/xslt5")
def e():
@@ -47,7 +47,7 @@ def e():
f = StringIO('')
tree = etree.parse(f)
- result = tree.xslt(xslt_root, a="'A'") # Not OK # $ Alert
+ result = tree.xslt(xslt_root, a="'A'") # $ Alert # Not OK
@app.route("/xslt6")
@@ -76,4 +76,4 @@ def h():
f = StringIO('')
tree = etree.parse(f)
- result = tree.xslt(xslt_root, a="'A'") # OK
\ No newline at end of file
+ result = tree.xslt(xslt_root, a="'A'") # OK