Add webhook URL validation schema

[therealjhay]

Description: Webhook URLs need validation — must be HTTPS in production, must not be localhost, must have a reasonable length. Currently they're validated as plain strings.

Requirements:

• Define WebhookUrlSchema with URL validation, HTTPS requirement (configurable by env)
• Reject localhost, 127.0.0.1, and private IPs in production
• Limit URL length to 2048 characters
• Export for use in merchant settings and webhook subscription schemas

Suggested execution steps:

1. Create WebhookUrlSchema = z.string().url().max(2048)
2. Add .refine((url) => !NODE_ENV_PROD || url.startsWith('https://'), 'Webhook URL must use HTTPS in production')
3. Add IP range checks for private/reserved addresses

Example commit message:

feat(validation): add webhook URL validation schema with security checks

WebhookUrlSchema validates URL format, enforces HTTPS in production,
and rejects localhost/private IPs to prevent SSRF.

[Johnsource-hub]

@Johnsource-hub has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

Hi, I'm Femi — a Full-Stack & Blockchain Developer with 3+ years of experience. I've reviewed this issue and I'm confident I can handle it. I'll submit a clean PR within 1-2 days max. Please assign it to me!

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Johnsource-hub to this issue.

[Fury03]

@Fury03 has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

Hi maintainer I can work on this

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Fury03 to this issue.

[drips-wave]

Congratulations, @Fury03! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on June 30, 2026.

🧑‍💻 @Fury03: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊

[drips-wave]

This issue has been completed by @Fury03 as part of the Stellar Wave Program's 6th Wave 🥳

😎 @Fury03: You earned 200 Points for completing this issue! After the current Wave ends, you'll be eligible for a percentage of the Wave's reward pool based on the percentage of total points you've earned. Learn more here. You can also Leave a review to share your experience working on this issue.

🧑‍💻 Repo maintainers: How'd the contributor do? Leave a review to share your experience working with them.