Merge branch 'master' of https://github.com/beefproject/beef

config.yaml

@@ -38,8 +38,8 @@ beef:
         hook_session_name: "BEEFHOOK"
         session_cookie_name: "BEEFSESSION"
 
-        # Allow one or multiple domains to access the RESTful API using CORS
-        # For multiple domains use: "http://browserhacker.com, http://domain2.com"
+        # Allow one or multiple origins to access the RESTful API using CORS
+        # For multiple origins use: "http://browserhacker.com, http://domain2.com"
         restful_api:
             allow_cors: false
             cors_allowed_domains: "http://browserhacker.com"

core/main/client/browser.js

@@ -1228,7 +1228,7 @@ beef.browser = {
                 self.frames[i].document.body.appendChild(script);
                 beef.debug("Hooked child frame [src:"+self.frames[i].window.location.href+"]");
             } catch (e) {
-                // warn on cross-domain
+                // warn on cross-origin
                 beef.debug("Hooking child frame failed: "+e.message);
             }
         }
@@ -2068,7 +2068,7 @@ beef.browser = {
 
     /**
      *  A function that gets the max number of simultaneous connections the
-     *  browser can make per domain, or globally on all domains.
+     *  browser can make per origin, or globally on all origin.
      *
      *  This code is based on research from browserspy.dk
      *

core/main/client/mitb.js

@@ -33,11 +33,11 @@ beef.mitb = {
 
                         //GET request
                         if (method == "GET") {
-                            //GET request -> cross-domain
+                            //GET request -> cross-origin
                             if (url.indexOf(document.location.hostname) == -1 || (portR != null && requestPort != document.location.port )) {
                                 beef.mitb.sniff("GET [Ajax CrossDomain Request]: " + url);
                                 window.open(url);
-                            }else { //GET request -> same-domain
+                            }else { //GET request -> same-origin
                                 beef.mitb.sniff("GET [Ajax Request]: " + url);
                                 if (beef.mitb.fetch(url, document.getElementsByTagName("html")[0])) {
                                     var title = "";
@@ -198,7 +198,7 @@ beef.mitb = {
             beef.mitb.sniff("GET: " + url);
 
         } catch (x) {
-            // the link is cross-domain, so load the resource in a different tab
+            // the link is cross-origin, so load the resource in a different tab
             window.open(url);
             beef.mitb.sniff("GET [New Window]: " + url);
         }

core/main/client/net.js

@@ -71,7 +71,7 @@ beef.net = {
     response: function () {
         this.status_code = null;        // 500, 404, 200, 302
         this.status_text = null;        // success, timeout, error, ...
-        this.response_body = null;      // "<html>…." if not a cross domain request
+        this.response_body = null;      // "<html>…." if not a cross-origin request
         this.port_status = null;        // tcp port is open, closed or not http
         this.was_cross_domain = null;   // true or false
         this.was_timedout = null;       // the user specified timeout was reached

test/integration/tc_debug_modules.rb

@@ -141,7 +141,7 @@ class TC_DebugModules < Test::Unit::TestCase
   # Test debug module "Test_network_request" using the RESTful API
   def test_return_network_request
 
-    # Test same-domain request (response code and content of secret_page.html)
+    # Test same-origin request (response code and content of secret_page.html)
     response = RestClient.post "#{RESTAPI_MODULES}/#{@@hb_session}/#{@@mod_debug_test_network}?token=#{@@token}",
                                 #override only a few parameters, the other ones will have default values from modules's module.rb definition
                                {"domain" => ATTACK_DOMAIN, "port" => "3000", "path" => "/demos/secret_page.html"}.to_json,