modify the sanitize and neutralize declaration at the beginning of th…

…e file

steps/common/steps.go

@@ -30,6 +30,26 @@ import (
 	"github.com/google/uuid"
 )
 
+// Neutralization for unwanted command injections in domain string
+func neutralizeDomain(input string) string {
+	pattern := "^(?:https?://)?(?:www.)?([^:/\n&=?¿\"!| %]+)"
+	regex := regexp.MustCompile(pattern)
+	domainN := regex.FindString(input)
+
+	uri, err := url.Parse(domainN)
+	if err != nil {
+		return ""
+	}
+
+	return uri.String()
+}
+
+func neutralize(p string) string {
+	p = strings.ReplaceAll(p, "\r", "")
+	p = strings.ReplaceAll(p, "\n", "")
+	return p
+}
+
 // Steps to initialize common steps.
 type Steps struct {
 }
@@ -96,12 +116,6 @@ func (cs Steps) InitializeSteps(ctx context.Context, scenCtx *godog.ScenarioCont
 	return ctx
 }
 
-func neutralize(p string) string {
-	p = strings.ReplaceAll(p, "\r", "")
-	p = strings.ReplaceAll(p, "\n", "")
-	return p
-}
-
 // StoreValueInContext stores a value in golium.Context using the key name.
 func StoreValueInContext(ctx context.Context, name, value string) error {
 	golium.GetContext(ctx).Put(name, value)
@@ -188,17 +202,3 @@ func getLocalIP(ctx context.Context, key string, ipVersion IPVersion) error {
 	golium.GetContext(ctx).Put(golium.ValueAsString(ctx, key), localAddress.IP.String())
 	return nil
 }
-
-// Neutralization for unwanted command injections in domain string
-func neutralizeDomain(input string) string {
-	pattern := "^(?:https?://)?(?:www.)?([^:/\n&=?¿\"!| %]+)"
-	regex := regexp.MustCompile(pattern)
-	domainN := regex.FindString(input)
-
-	uri, err := url.Parse(domainN)
-	if err != nil {
-		return ""
-	}
-
-	return uri.String()
-}

steps/dns/session.go

@@ -31,6 +31,25 @@ import (
 	"github.com/miekg/dns"
 )
 
+// Sanitize HTTP parameter pollution. CWE:235
+func sanitize(queryParams map[string][]string) string {
+	params := url.Values{}
+	for key, values := range queryParams {
+		for _, value := range values {
+			if !params.Has(key) {
+				params.Add(key, value)
+			}
+		}
+	}
+	return params.Encode()
+}
+
+func neutralize(p string) string {
+	p = strings.ReplaceAll(p, "\r", "")
+	p = strings.ReplaceAll(p, "\n", "")
+	return p
+}
+
 // Session contains the information related to a DNS query and response.
 type Session struct {
 	// Server is the address to the DNS server, including the server port (e.g. 8.8.8.8:53).
@@ -289,22 +308,3 @@ func (s *Session) ValidateResponseWithRecords(
 	}
 	return nil
 }
-
-// Sanitize HTTP parameter pollution. CWE:235
-func sanitize(queryParams map[string][]string) string {
-	params := url.Values{}
-	for key, values := range queryParams {
-		for _, value := range values {
-			if !params.Has(key) {
-				params.Add(key, value)
-			}
-		}
-	}
-	return params.Encode()
-}
-
-func neutralize(p string) string {
-	p = strings.ReplaceAll(p, "\r", "")
-	p = strings.ReplaceAll(p, "\n", "")
-	return p
-}

steps/http/session.go

@@ -49,6 +49,19 @@ const (
 	DefaultTestURL = "https://jsonplaceholder.typicode.com/"
 )
 
+// Sanitize HTTP parameter pollution. CWE:235
+func sanitize(queryParams map[string][]string) string {
+	params := url.Values{}
+	for key, values := range queryParams {
+		for _, value := range values {
+			if !params.Has(key) {
+				params.Add(key, value)
+			}
+		}
+	}
+	return params.Encode()
+}
+
 // Session contains the information of a HTTP session (request and response).
 type Session struct {
 	Request            model.Request
@@ -688,16 +701,3 @@ func (s *Session) GetURL(ctx context.Context) (string, error) {
 	}
 	return URL, nil
 }
-
-// Sanitize HTTP parameter pollution. CWE:235
-func sanitize(queryParams map[string][]string) string {
-	params := url.Values{}
-	for key, values := range queryParams {
-		for _, value := range values {
-			if !params.Has(key) {
-				params.Add(key, value)
-			}
-		}
-	}
-	return params.Encode()
-}