From 9165ce0c4395c2997ee87b78e478a81a195693f9 Mon Sep 17 00:00:00 2001
From: KhulnaSoft bot <43526132+khulnasoft-bot@users.noreply.github.com>
Date: Tue, 20 May 2025 18:20:23 +0600
Subject: [PATCH] Potential fix for code scanning alert no. 6: Incomplete
 regular expression for hostnames

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: KhulnaSoft bot <43526132+khulnasoft-bot@users.noreply.github.com>
---
 plugins/aws/s3/bucketPolicyCloudFrontOai.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plugins/aws/s3/bucketPolicyCloudFrontOai.js b/plugins/aws/s3/bucketPolicyCloudFrontOai.js
index ed4d12ee..4b0732bd 100644
--- a/plugins/aws/s3/bucketPolicyCloudFrontOai.js
+++ b/plugins/aws/s3/bucketPolicyCloudFrontOai.js
@@ -55,7 +55,7 @@ module.exports = {
                 for (let origin of distribution.Origins.Items) {
                     if (origin.S3OriginConfig && origin.DomainName) {
                         s3OriginFound = true;
-                        let bucketName = origin.DomainName.replace(/.s3.*.com/, '');
+                        let bucketName = origin.DomainName.replace(/\.s3\..*\.com/, '');
                         if (bucketName &&
                             origin.S3OriginConfig.OriginAccessIdentity &&
                             origin.S3OriginConfig.OriginAccessIdentity.length) {