fix(sonar): remove security issue with regex timespan

serilog-contrib · Sep 1, 2023 · d961636 · d961636
1 parent 0fc9064
commit d961636
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/src/Serilog.Ui.Web/SerilogUiMiddleware.cs b/src/Serilog.Ui.Web/SerilogUiMiddleware.cs
@@ -6,6 +6,7 @@
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 using Serilog.Ui.Web.Endpoints;
+using System;
 using System.Reflection;
 using System.Text.RegularExpressions;
 using System.Threading.Tasks;
@@ -63,6 +64,6 @@ private StaticFileMiddleware CreateStaticFileMiddleware(
         }
 
         private bool CheckPath(string currentPath, string OnPath)
-            => Regex.IsMatch(currentPath, $"^/{Regex.Escape(_options.RoutePrefix)}{OnPath}$", RegexOptions.IgnoreCase);
+            => Regex.IsMatch(currentPath, $"^/{Regex.Escape(_options.RoutePrefix)}{OnPath}$", RegexOptions.IgnoreCase, TimeSpan.FromSeconds(5));
     }
 }