Skip to content

openwebhooks/openwebhooks-http

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
crypto.go
crypto.go
 
 
go.mod
go.mod
 
 
openwebhooks_http.go
openwebhooks_http.go
 
 

Repository files navigation

openwebhooks-http

Go Report Card Last Commit License Stars

openwebhooks-http is a secure, production-grade HTTP client used by OpenWebhooks to deliver outbound webhooks safely.

What is OpenWebhooks?

OpenWebhooks is an open-source infrastructure for delivering webhooks reliably and securely.

It’s designed for developers and teams who want full control over how events are delivered across systems — whether internal or external — without depending on external services. OpenWebhooks acts as the trusted layer between your system and any destination that needs to react to changes in real time.

Features

  • Connection Pooling: Reuses HTTP connections to reduce latency and resource usage for repeated webhook deliveries.
  • TLS Enforcement: Ensures all webhook requests use secure HTTPS connections with valid TLS certificates.
  • SSRF Protection: Blocks requests to private IP ranges, localhost, and other unsafe network targets to prevent Server-Side Request Forgery.
  • Safe Redirect Policies: Limits redirects, enforces scheme consistency, and revalidates redirect targets to prevent misuse.
  • Request & Response Timeouts: Sets strict timeouts for requests and responses to prevent hanging connections.
  • Slow Loris Protection: Detects and blocks endpoints that send response data too slowly to exhaust system resources.
  • Response Size Limiting: Limits the maximum response size to avoid memory exhaustion or denial-of-service risks.
  • Payload Signing: Signs webhook payloads using HMAC so receivers can verify integrity and authenticity.
  • Replay Protection Support: Includes optional timestamp headers to help receivers detect and block replay attacks.

Install

go get github.com/openwebhooks/openwebhooks-http
import openwebhooks_http "github.com/openwebhooks/openwebhooks-http"

Usage

openWebhooksClient := openwebhooks_http.NewClient()

payload := []byte(`{"type":"user.created"}`)
secrets := []string{"whsec_abc123"}

response, err := openWebhooksClient.Post(ctx, "https://example.com/api/webhook", payload, secrets)

Contributing

Contributions are welcome!

If you have ideas for improvements, find a security issue, or want to add new features, feel free to open an issue or submit a pull request.

License

This project is licensed under the MIT License.

About

The open-source infrastructure for reliable webhook delivery

openwebhooks.dev

Topics

golang webhooks

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Languages