diff --git a/_locales/en/messages.json b/_locales/en/messages.json
index 3d28615..f00c96c 100644
--- a/_locales/en/messages.json
+++ b/_locales/en/messages.json
@@ -272,8 +272,19 @@
   "optionsTestError": {
     "message": "Error sending test webhook: ",
     "description": "Error message for the test webhook."
-  }
-  ,
+  },
+  "optionsErrorInvalidUrlScheme": {
+    "message": "Invalid URL scheme. Only http:// and https:// are allowed.",
+    "description": "Error message when a webhook URL has an invalid scheme."
+  },
+  "optionsErrorInvalidUrl": {
+    "message": "Invalid URL.",
+    "description": "Error message when a webhook URL is invalid."
+  },
+  "optionsErrorUrlRequired": {
+    "message": "URL is required.",
+    "description": "Error message when a webhook URL is missing."
+  },
   "optionsAppearanceHeader": {
     "message": "Appearance",
     "description": "Header for the appearance section."
diff --git a/utils/utils.js b/utils/utils.js
index 98dd95d..f8436e7 100644
--- a/utils/utils.js
+++ b/utils/utils.js
@@ -192,6 +192,24 @@ async function sendWebhook(webhook, isTest = false) {
 
     const url = webhook.url;
 
+    if (!url) {
+      throw new Error(browserAPI.i18n.getMessage("optionsErrorUrlRequired") || "URL is required.");
+    }
+
+    try {
+      const urlObj = new URL(url);
+      if (urlObj.protocol !== "http:" && urlObj.protocol !== "https:") {
+        const schemeError = new Error(browserAPI.i18n.getMessage("optionsErrorInvalidUrlScheme") || "Invalid URL scheme. Only http:// and https:// are allowed.");
+        schemeError.name = "SchemeError";
+        throw schemeError;
+      }
+    } catch (e) {
+      if (e.name === "SchemeError") {
+        throw e;
+      }
+      throw new Error(browserAPI.i18n.getMessage("optionsErrorInvalidUrl") || "Invalid URL.");
+    }
+
     if (method === "POST") {
       fetchOpts.body = JSON.stringify(payload);
     } else if (method === "GET") {