# `DripDrop.Hooks.URLGuard`
[🔗](https://github.com/agoodway/dripdrop/blob/v0.1.0/lib/dripdrop/hooks/url_guard.ex#L1)

Validates outbound HTTP hook URLs to mitigate SSRF.

The guard enforces a scheme allowlist (https by default; http opt-in via
`config :dripdrop, :http_hook_allow_http, true`), resolves the host to its
IP addresses, and rejects any address inside a private, loopback, link-local,
CGNAT, or unique-local range unless
`config :dripdrop, :http_hook_allow_private, true` is set. Validation runs
both at `HttpHook` create/update time and again after Liquid rendering inside
the evaluator, since template variables can rewrite the host.

# `validate`

```elixir
@spec validate(
  binary() | nil,
  keyword()
) :: :ok | {:error, atom()}
```

Returns `:ok` if `url` is safe to fetch, otherwise `{:error, reason}`.

Pass `req_options:` (a keyword list of Req options) to opt out when the
caller is using `Req.Test` stubbing — that bypasses real DNS so the guard
can't resolve example fixtures.

---

*Consult [api-reference.md](api-reference.md) for complete listing*