Skip to content

feat: allow specifying webhook request headers #1285

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 9 commits into from
Oct 23, 2025
Merged

feat: allow specifying webhook request headers #1285

merged 9 commits into from
Oct 23, 2025

Conversation

@wrn14897
Copy link
Member

@wrn14897 wrn14897 commented Oct 22, 2025
edited
Loading

Address #1078

Ref: HDX-2225

image

@changeset-bot
Copy link

changeset-bot bot commented Oct 22, 2025
edited
Loading

🦋 Changeset detected

Latest commit: 334a089

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 2 packages
Name Type
@hyperdx/api Patch
@hyperdx/app Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@vercel
Copy link

vercel bot commented Oct 22, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Comments Updated (UTC)
hyperdx-v2-oss-app Ready Ready Preview Comment Oct 23, 2025 9:17am

@claude
Copy link

claude bot commented Oct 22, 2025
edited
Loading

PR Review: Allow specifying webhook request headers

Overall Assessment: No critical issues found.

Positive Points:

  • ✅ Strong security validation for HTTP headers (CRLF injection prevention, control character blocking)
  • ✅ Comprehensive test coverage for validation edge cases
  • ✅ Proper Zod schema validation on backend
  • ✅ Frontend JSON parsing with error handling

Minor Recommendations (non-blocking):

  1. Missing UPDATE endpoint validation → The webhooks router has no PATCH/PUT endpoint. If webhook updates are supported elsewhere, ensure the same header validation (httpHeaderNameValidator and httpHeaderValueValidator) is applied.

  2. Frontend error handling enhancement → Consider extracting Zod error formatting logic into a reusable utility function (currently inline in TeamPage.tsx:758-771). This would help if similar error handling is needed elsewhere.

  3. Documentation → Consider adding a comment in webhooks.ts:40-55 explaining that the validation follows RFC 7230 HTTP header field name/value specifications.

Test Coverage:

  • ✅ Comprehensive tests for header name validation (empty, invalid chars, starts with number)
  • ✅ Comprehensive tests for header value validation (CRLF, control chars, tabs, newlines)
  • ✅ Valid header cases tested
  • ✅ Integration test updated to verify headers are sent correctly

Ready to merge

@github-actions
Copy link
Contributor

github-actions bot commented Oct 22, 2025
edited
Loading

E2E Test Results

All tests passed • 26 passed • 3 skipped • 230s

Status Count
✅ Passed 26
❌ Failed 0
⚠️ Flaky 0
⏭️ Skipped 3

View full report →

@wrn14897 wrn14897 changed the title feat: allow specifying webhook request headers (WIP) feat: allow specifying webhook request headers Oct 22, 2025
@wrn14897 wrn14897 changed the title (WIP) feat: allow specifying webhook request headers feat: allow specifying webhook request headers Oct 22, 2025
@kodiakhq kodiakhq bot merged commit 24b5477 into main Oct 23, 2025
10 checks passed
@kodiakhq kodiakhq bot deleted the warren/support-webhook-custom-request-headers branch October 23, 2025 11:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@brandon-pereira brandon-pereira brandon-pereira approved these changes

Assignees

No one assigned

Labels

automerge

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@wrn14897 @brandon-pereira