diff --git a/dependency-check-core/pom.xml b/dependency-check-core/pom.xml
index 5cc0f174e..63a496c99 100644
--- a/dependency-check-core/pom.xml
+++ b/dependency-check-core/pom.xml
@@ -44,6 +44,7 @@ along with Dependency-Check. If not, see .
src/main/resources
**/*.properties
+ **/schema/*.xsd
true
diff --git a/dependency-check-core/src/main/resources/schema/DependencyCheck.xsd b/dependency-check-core/src/main/resources/schema/DependencyCheck.xsd
index f6b522455..4f7c171c9 100644
--- a/dependency-check-core/src/main/resources/schema/DependencyCheck.xsd
+++ b/dependency-check-core/src/main/resources/schema/DependencyCheck.xsd
@@ -1,5 +1,5 @@
-
+
diff --git a/dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorTest.java b/dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorTest.java
index f932ea291..1d060adb5 100644
--- a/dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorTest.java
+++ b/dependency-check-core/src/test/java/org/owasp/dependencycheck/reporting/ReportGeneratorTest.java
@@ -18,6 +18,7 @@
*/
package org.owasp.dependencycheck.reporting;
+import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.data.cpe.BaseIndexTestCase;
import org.junit.After;
import org.junit.AfterClass;
@@ -25,6 +26,14 @@ import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
+import javax.xml.XMLConstants;
+import javax.xml.transform.stream.StreamSource;
+import javax.xml.validation.Schema;
+import javax.xml.validation.SchemaFactory;
+import javax.xml.validation.Validator;
+import java.io.File;
+import java.io.InputStream;
+
/**
*
* @author Jeremy Long (jeremy.long@owasp.org)
@@ -107,4 +116,41 @@ public class ReportGeneratorTest {
// instance.generateReport(templateName, writeTo, properties);
//assertTrue("need to add a real check here", false);
}
+
+ /**
+ * Generates an XML report containing known vulnerabilities and realistic
+ * data and validates the generated XML document against the XSD.
+ * @throws Exception
+ */
+ @Test
+ public void testGenerateXMLReport() throws Exception {
+ String templateName = "XmlReport";
+
+ File f = new File("target/test-reports");
+ if (!f.exists()) {
+ f.mkdir();
+ }
+ String writeTo = "target/test-reports/Report.xml";
+
+ File struts = new File(this.getClass().getClassLoader().getResource("struts2-core-2.1.2.jar").getPath());
+ File axis = new File(this.getClass().getClassLoader().getResource("axis2-adb-1.4.1.jar").getPath());
+ File jetty = new File(this.getClass().getClassLoader().getResource("org.mortbay.jetty.jar").getPath());
+
+ Engine engine = new Engine();
+ engine.scan(struts);
+ engine.scan(axis);
+ engine.scan(jetty);
+ engine.analyzeDependencies();
+
+ ReportGenerator generator = new ReportGenerator("Test Report", engine.getDependencies(), engine.getAnalyzers());
+ generator.generateReport(templateName, writeTo);
+
+ InputStream xsdStream = ReportGenerator.class.getClassLoader().getResourceAsStream("schema/DependencyCheck.xsd");
+ StreamSource xsdSource = new StreamSource(xsdStream);
+ StreamSource xmlSource = new StreamSource(new File(writeTo));
+ SchemaFactory sf = SchemaFactory.newInstance(XMLConstants.W3C_XML_SCHEMA_NS_URI);
+ Schema schema = sf.newSchema(xsdSource);
+ Validator validator = schema.newValidator();
+ validator.validate(xmlSource);
+ }
}