Forum Discussion

skyr00zx's avatar
Occasional Visitor
3 years ago

SoapUI disable replacing


I'm currently using SoapUI for manual security testing. I have problem with replacing by payloads in client side.

For example entities  in my request are replaced on client side. This behaviour makes impossible for me to test some security cases like billion laughs attack.

Is there option to disable that replacement?

1 Reply

  • KarelHusa's avatar
    Champion Level 2

    Hi skyr00zx ,

    there is no standard option to disable text evaluation in functional tests, as far as I know.


    But for security testing (billion laughs etc.) you can use Security tests and use the prepared messages or define your own, see the picture bellow. The entities aren't evaluated there.


    More about security testing in SoapUI at: .


    Best regards,