diff --git a/core/restservices.class.inc.php b/core/restservices.class.inc.php
index d5f73f100..798c4e887 100644
--- a/core/restservices.class.inc.php
+++ b/core/restservices.class.inc.php
@@ -129,7 +129,7 @@ public function SanitizeContent()
{
foreach($this->fields as $sFieldAttCode => $fieldValue)
{
- try{
+ try {
$oAttDef = MetaModel::GetAttributeDef($this->class, $sFieldAttCode);
} catch (Exception $e) { // for special cases like ID
continue;
@@ -872,6 +872,7 @@ trait SanitizeTrait
if ($oAttDef instanceof iAttributeNoGroupBy) // iAttributeNoGroupBy is equivalent to sensitive attribute
{
$fields[$sFieldAttCode] = '*****';
+ return;
}
// for 1-n / n-n relation
if ($oAttDef instanceof AttributeLinkedSet) {
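Review bot: The `return;` added after `$fields[$sFieldAttCode] = '*****';` is only safe if this trait method sanitizes a single attribute per call; its signature and its caller are outside the hunk, so that cannot be confirmed from here. If the method ever iterated over several fields itself, the early exit would leave the remaining ones unmasked in the REST output. A one-line comment above the return would record the intent, e.g. `// value fully masked: the relation and external-field checks below do not apply`. The same applies to the `return;` added at the end of the `AttributeLinkedSet` branch in the hunk at -889.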
@@ -881,7 +882,7 @@ trait SanitizeTrait
if ($oLnkAttDef instanceof iAttributeNoGroupBy) { // 1-n relation
$fields[$sFieldAttCode][$i][$sLnkAttCode] = '*****';
}
- if ($oAttDef instanceof AttributeLinkedSetIndirect && $oLnkAttDef instanceof AttributeExternalField) { // for n-n relation
+ elseif ($oAttDef instanceof AttributeLinkedSetIndirect && $oLnkAttDef instanceof AttributeExternalField) { // for n-n relation
$oExtKeyAttDef = MetaModel::GetAttributeDef($oLnkAttDef->GetTargetClass(), $oLnkAttDef->GetExtAttCode());
if ($oExtKeyAttDef instanceof iAttributeNoGroupBy) {
$fields[$sFieldAttCode][$i][$sLnkAttCode] = '*****';
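Review bot: Style point on the new `elseif`: it starts on its own line after the closing `}` of the 1-n branch, whereas the `catch` in `SanitizeContent()` sits on the brace's line (`} catch (Exception $e) {`). Writing it as `} elseif ($oAttDef instanceof AttributeLinkedSetIndirect && $oLnkAttDef instanceof AttributeExternalField) { // for n-n relation` makes the two branches read as one chain, which matters because this chain decides whether a linked value is masked. The enclosing loops start before this hunk and end after it.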
@@ -889,6 +890,7 @@ trait SanitizeTrait
}
}
}
+ return;
}
// for external attribute
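Review bot: Nothing visible in this commit's tests pins that the `return;` added here runs only after every row of the linked set has been visited. The loops it follows open before this hunk and indentation is not preserved on this page, so its placement cannot be confirmed from these lines. As far as the test hunks show, the relation tests create a single link row, which would pass even if the exit happened after the first row. A case with two linked rows where the sensitive value sits in the second one, ending in `static::assertNotContains(self::SIMPLE_PASSWORD, json_encode($oRestResultWithObject));`, would guard against a partially sanitized list.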
diff --git a/tests/php-unit-tests/unitary-tests/core/Delta/delta_test_sanitize_output.xml b/tests/php-unit-tests/unitary-tests/core/Delta/delta_test_sanitize_output.xml
index 5cc952f01..798f5f8a0 100644
--- a/tests/php-unit-tests/unitary-tests/core/Delta/delta_test_sanitize_output.xml
+++ b/tests/php-unit-tests/unitary-tests/core/Delta/delta_test_sanitize_output.xml
@@ -9,8 +9,9 @@
autoincrement
test_server
id
-
-
+
+
+
lnkContactTestToServer
@@ -41,8 +42,8 @@
contact_test
id
-
-
+
+
password
@@ -65,8 +66,9 @@
autoincrement
lnk_contact_server_test
id
-
-
+
+
+
contact_test_id
@@ -96,8 +98,9 @@
autoincrement
password_test
id
-
-
+
+
+
TestServer
diff --git a/tests/php-unit-tests/unitary-tests/core/RestServicesSanitizeOutputTest.php b/tests/php-unit-tests/unitary-tests/core/RestServicesSanitizeOutputTest.php
index 93751d359..9034afad6 100644
--- a/tests/php-unit-tests/unitary-tests/core/RestServicesSanitizeOutputTest.php
+++ b/tests/php-unit-tests/unitary-tests/core/RestServicesSanitizeOutputTest.php
@@ -1,22 +1,5 @@
-//
namespace Combodo\iTop\Test\UnitTest\Core;
@@ -46,7 +29,8 @@ class RestServicesSanitizeOutputTest extends ItopCustomDatamodelTestCase
public function testSanitizeJsonOutputOnSimpleAttribute()
{
$oContactTest = MetaModel::NewObject('ContactTest', [
- 'password' => self::SIMPLE_PASSWORD]);
+ 'password' => self::SIMPLE_PASSWORD]
+ );
$oRestResultWithObject = new RestResultWithObjects();
$oRestResultWithObject->AddObject(0, 'ok', $oContactTest, ['ContactTest' => ['password']]);
$oRestResultWithObject->SanitizeContent();
@@ -62,7 +46,8 @@ class RestServicesSanitizeOutputTest extends ItopCustomDatamodelTestCase
public function testSanitizeJsonOutputAttributeExternalKeyOnNNRelation()
{
$oContactTest = $this->createObject('ContactTest', [
- 'password' => self::SIMPLE_PASSWORD]);
+ 'password' => self::SIMPLE_PASSWORD]
+ );
$oTestServer = $this->createObject('TestServer', [
'name' => 'test_server',
@@ -84,10 +69,10 @@ class RestServicesSanitizeOutputTest extends ItopCustomDatamodelTestCase
static::assertContains(
'*****',
json_encode($oRestResultWithObject));
+
static::assertNotContains(
self::SIMPLE_PASSWORD,
json_encode($oRestResultWithObject));
-
}
/**
@@ -102,7 +87,6 @@ class RestServicesSanitizeOutputTest extends ItopCustomDatamodelTestCase
'name' => 'test_server',
]);
-
// create lnkContactTestToServer
$this->createObject('lnkContactTestToServer', [
'contact_test_id' => $oContactTest->GetKey(),
@@ -117,6 +101,7 @@ class RestServicesSanitizeOutputTest extends ItopCustomDatamodelTestCase
static::assertContains(
'*****',
json_encode($oRestResultWithObject));
+
static::assertNotContains(
self::SIMPLE_PASSWORD,
json_encode($oRestResultWithObject));
@@ -147,9 +132,11 @@ class RestServicesSanitizeOutputTest extends ItopCustomDatamodelTestCase
$oRestResultWithObject = new RestResultWithObjects();
$oRestResultWithObject->AddObject(0, 'ok', $oTestServer, ['TestServer' => ['id', 'password_list']]);
$oRestResultWithObject->SanitizeContent();
+
static::assertContains(
'*****',
json_encode($oRestResultWithObject));
+
static::assertNotContains(
self::SIMPLE_PASSWORD,
json_encode($oRestResultWithObject));
diff --git a/tests/php-unit-tests/unitary-tests/core/RestServicesTest.php b/tests/php-unit-tests/unitary-tests/core/RestServicesTest.php
index a2332f699..eb3a1f1c0 100644
--- a/tests/php-unit-tests/unitary-tests/core/RestServicesTest.php
+++ b/tests/php-unit-tests/unitary-tests/core/RestServicesTest.php
@@ -1,21 +1,5 @@
-//
+declare(strict_types=1);
namespace Combodo\iTop\Test\UnitTest\Core;
@@ -23,7 +7,7 @@ use Combodo\iTop\Test\UnitTest\ItopDataTestCase;
use CoreException;
use CoreServices;
use CoreUnexpectedValue;
-use SimpleGraphException;
+use RestResultWithObjects;
use UserLocal;
/**
@@ -33,11 +17,6 @@ use UserLocal;
*/
class RestServicesTest extends ItopDataTestCase
{
- public function setUp(): void
- {
- parent::setUp();
- }
-
/**
* @return void
* @dataProvider providerTestSanitizeJsonInput
@@ -46,10 +25,13 @@ class RestServicesTest extends ItopDataTestCase
{
$oRS = new CoreServices();
$sOutputJson = $oRS->SanitizeJsonInput($sJsonData);
- $this->assertEquals($sExpectedJsonDataSanitized, $sOutputJson);
+ static::assertEquals($sExpectedJsonDataSanitized, $sOutputJson);
}
- public function providerTestSanitizeJsonInput()
+ /**
+ * @return array[]
+ */
+ public function providerTestSanitizeJsonInput(): array
{
return [
'core/check_credentials' => [
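Review bot: `providerTestSanitizeJsonInput()` gains a return type here but stays an instance method; PHPUnit 10 deprecates non-static data providers and PHPUnit 11 no longer accepts them. If the body (it continues past this hunk) does not use `$this`, declare it as `public static function providerTestSanitizeJsonInput(): array`. The same applies to `providerTestSanitizeJsonOutput()` in the next hunk. The PHPUnit version this suite targets is not visible on this page, so this is a forward-compatibility point rather than a current failure.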
@@ -99,20 +81,22 @@ class RestServicesTest extends ItopDataTestCase
* @return void
* @throws CoreException
* @throws CoreUnexpectedValue
- * @throws SimpleGraphException
* @dataProvider providerTestSanitizeJsonOutput
*/
public function testSanitizeJsonOutput($sOperation, $aJsonData, $sExpectedJsonDataSanitized)
{
$oUser = new UserLocal();
- $oUser->Set('password', "123456");
- $oRestResultWithObject = new \RestResultWithObjects();
- $oRestResultWithObject->AddObject(0, "ok", $oUser, ['UserLocal' => ['login', 'password']]);
+ $oUser->Set('password', '123456');
+ $oRestResultWithObject = new RestResultWithObjects();
+ $oRestResultWithObject->AddObject(0, 'ok', $oUser, ['UserLocal' => ['login', 'password']]);
$oRestResultWithObject->SanitizeContent();
- $this->assertEquals($sExpectedJsonDataSanitized, json_encode($oRestResultWithObject));
+ static::assertEquals($sExpectedJsonDataSanitized, json_encode($oRestResultWithObject));
}
- public function providerTestSanitizeJsonOutput()
+ /**
+ * @return array[]
+ */
+ public function providerTestSanitizeJsonOutput(): array
{
return [
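Review bot: `testSanitizeJsonOutput()` never reads `$sOperation` or `$aJsonData`: the body visible in this hunk always builds a `UserLocal` with the fixed password `'123456'`. Every dataset from `providerTestSanitizeJsonOutput()` therefore exercises the same path, and the per-operation names suggest more sanitization coverage than the test provides. Either drop the two unused parameters or state the limitation where the next maintainer will see it, e.g. `// $sOperation and $aJsonData are unused: each dataset only varies the expected JSON`. The provider body continues outside this hunk.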
@@ -134,7 +118,8 @@ class RestServicesTest extends ItopDataTestCase
'core/check_credentials' => [
'core/check_credentials',
['user' => 'admin', 'password' => 'admin'],
- '{"objects":{"UserLocal::-1":{"code":0,"message":"ok","class":"UserLocal","key":-1,"fields":{"login":"","password":"*****"}}},"code":0,"message":null}' ],
+ '{"objects":{"UserLocal::-1":{"code":0,"message":"ok","class":"UserLocal","key":-1,"fields":{"login":"","password":"*****"}}},"code":0,"message":null}'
+ ],
];
}
}