diff --git a/linkis-public-enhancements/linkis-udf-service/src/main/java/org/apache/linkis/udf/api/UDFRestfulApi.java b/linkis-public-enhancements/linkis-udf-service/src/main/java/org/apache/linkis/udf/api/UDFRestfulApi.java
index fa1841239b..f806786a67 100644
--- a/linkis-public-enhancements/linkis-udf-service/src/main/java/org/apache/linkis/udf/api/UDFRestfulApi.java
+++ b/linkis-public-enhancements/linkis-udf-service/src/main/java/org/apache/linkis/udf/api/UDFRestfulApi.java
@@ -1447,8 +1447,8 @@ public Message pythonUpload(
   @RequestMapping(path = "/get-register-functions", method = RequestMethod.GET)
   public Message getRegisterFunctions(HttpServletRequest req, @RequestParam("path") String path)
       throws IOException {
-    // 使用正则校验path,防止命令注入漏洞
-    if (!path.matches("^[a-zA-Z0-9_.-/:]+$")) {
+    String pathPrefix = "file:///";
+    if (StringUtils.isEmpty(path) || !path.startsWith(pathPrefix)) {
       return Message.error("path参数格式错误");
     }
     if (StringUtils.endsWithIgnoreCase(path, Constants.FILE_EXTENSION_PY)
diff --git a/linkis-web/src/apps/URM/module/functionManagement/addFunctionModal.vue b/linkis-web/src/apps/URM/module/functionManagement/addFunctionModal.vue
index 51c2b64604..a12a1abac2 100644
--- a/linkis-web/src/apps/URM/module/functionManagement/addFunctionModal.vue
+++ b/linkis-web/src/apps/URM/module/functionManagement/addFunctionModal.vue
@@ -5,9 +5,9 @@
   ~ The ASF licenses this file to You under the Apache License, Version 2.0
   ~ (the "License"); you may not use this file except in compliance with
   ~ the License.  You may obtain a copy of the License at
-  ~ 
+  ~
   ~   http://www.apache.org/licenses/LICENSE-2.0
-  ~ 
+  ~
   ~ Unless required by applicable law or agreed to in writing, software
   ~ distributed under the License is distributed on an "AS IS" BASIS,
   ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -215,10 +215,10 @@
           type="textarea"/>
       </FormItem>
       <FormItem :label="$t('message.linkis.udf.class')" prop="directory">
-        <Select 
-          ref="directory" 
+        <Select
+          ref="directory"
           v-model="setting.directory" filterable
-          @on-query-change="queryChange" 
+          @on-query-change="queryChange"
           :remoteMethod="filterAdd" :disabled="model === 1">
           <Option
             v-for="(item) in directories"
@@ -229,7 +229,7 @@
       </FormItem>
       <FormItem :label="$t('message.linkis.udf.clusterName')">
         <Select v-model="setting.clusterName" :disabled="model === 1">
-          <Option   
+          <Option
             label="all"
             value="all" />
         </Select>
@@ -324,7 +324,7 @@ export default {
         directory: ''
       },
       isShareLoading: false,
-      
+
       registerFunctionEditable: true,
       rules: {
         name: [
@@ -699,7 +699,7 @@ export default {
 
     async setNodePath(node) {
       this.$set(this.setting, this.getTypes(), node.path);
-      if(this.model !== 1) {
+      if(this.model !== 1 && /^[\w\u4e00-\u9fa5:.\\/]*(py|scala)$/.test(node.path)) {
         try {
           this.registerFunctions = await this.getRegisterFunction(node.path);
           if(this.registerFunctions.length !== 0) {
@@ -714,7 +714,7 @@ export default {
           this.registerFunctionEditable = true;
         }
       }
-      
+
     },
 
     getTypes() {
@@ -836,7 +836,7 @@ export default {
         height: 100% !important;
       }
     }
-  
+
     .ivu-modal-content {
       height: 100% !important;
     }
@@ -845,4 +845,4 @@ export default {
     }
   }
 }
-</style>
\ No newline at end of file
+</style>