fix(dashboard): hide request body for HTTP methods without body support

[scopsy]

What changed? Why was the change needed?

This change hides the "Request body" section in the HTTP step editor when an HTTP method that does not support a body is selected. This improves the user experience by only showing relevant fields and ensures adherence to HTTP specifications.

Specifically:

• The "Request body" section in http-request-editor.tsx is now conditionally rendered, appearing only for POST, PUT, and PATCH methods.
• The canHaveBody logic in curl-utils.ts and use-copy-prompt.tsx has been updated for consistency to exclude GET, HEAD, OPTIONS, and DELETE methods.

Screenshots

GET method - body hidden	POST method - body visible	HEAD method - body hidden

Slack Thread

  

[cursor]

Cursor Agent can help with this pull request. Just @cursor in comments and I'll start working on changes in this branch.
_{Learn more about Cursor Agents}

[netlify]

✅ Deploy preview added

Name	Link
🔨 Latest commit	f8ba9ed
🔍 Latest deploy log	https://app.netlify.com/projects/dashboard-v2-novu-staging/deploys/69b670f74cabb800089f7293
😎 Deploy Preview	https://deploy-preview-10282.dashboard-v2.novu-staging.co
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[github-actions]

Hey there and thank you for opening this pull request! 👋

We require pull request titles to follow specific formatting rules and it looks like your proposed title needs to be adjusted.

Your PR title is: fix(dashboard): hide request body for HTTP methods without body support

Requirements:

1. Follow the Conventional Commits specification
2. As a team member, include Linear ticket ID at the end: fixes TICKET-ID or include it in your branch name

Expected format: feat(scope): Add fancy new feature fixes NOV-123

Details:

PR title must end with 'fixes TICKET-ID' (e.g., 'fixes NOV-123') or include ticket ID in branch name

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 5d8a1d7f-3e78-44cc-bc09-4eeb3a86cdc6

📥 Commits

Reviewing files that changed from the base of the PR and between f666b26 and f8ba9ed.

📒 Files selected for processing (2)

• apps/dashboard/src/components/workflow-editor/steps/http-request/curl-display.tsx
• apps/dashboard/src/components/workflow-editor/steps/http-request/curl-utils.ts

🚧 Files skipped from review as they are similar to previous changes (1)

• apps/dashboard/src/components/workflow-editor/steps/http-request/curl-utils.ts

---

Walkthrough

Adds a centralized helper canMethodHaveBody(method: string): boolean and a METHODS_WITH_BODY set in curl-utils.ts. Replaces inline checks for body-eligibility with canMethodHaveBody across http-request-editor.tsx, use-copy-prompt.tsx, and curl-display.tsx, so body-related rendering and curl construction are gated by the helper.

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and specifically summarizes the main change: hiding the request body section for HTTP methods without body support, which aligns with the primary refactoring objective across multiple files.
Description check	✅ Passed	The description is directly related to the changeset, explaining the rationale for hiding the request body section for certain HTTP methods and providing concrete details about affected methods (POST, PUT, PATCH) and excluded methods (GET, HEAD, OPTIONS, DELETE).

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

apps/dashboard/src/components/workflow-editor/steps/http-request/use-copy-prompt.tsx (1)

25-79: ⚠️ Potential issue | 🟠 Major

Prompt text is still body-specific for methods without a body.

After Line 25, GET/DELETE/HEAD/OPTIONS no longer include body data, but the prompt still instructs to parse JSON body (Line 77) and references JSON.stringify(requestBody) (Line 67). This produces inconsistent prompts for bodyless methods.

Suggested fix

   const canHaveBody = method !== 'GET' && method !== 'DELETE' && method !== 'HEAD' && method !== 'OPTIONS';
+  const bodyHandlingInstruction = canHaveBody
+    ? '3. Parses the JSON body and extracts relevant fields'
+    : '3. Skips JSON body parsing for this method';
+  const signedPayloadInstruction = canHaveBody
+    ? '2. Build the signed string: `${timestamp}.${JSON.stringify(requestBody)}`'
+    : '2. Build the signed string using an empty payload representation for this method';

@@
-To verify:
-1. Parse the header: split on `,`, extract `t` (timestamp) and `v1` (HMAC)
-2. Build the signed string: `${timestamp}.${JSON.stringify(requestBody)}`
+To verify:
+1. Parse the header: split on `,`, extract `t` (timestamp) and `v1` (HMAC)
+${signedPayloadInstruction}
@@
-3. Parses the JSON body and extracts relevant fields
+${bodyHandlingInstruction}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@apps/dashboard/src/components/workflow-editor/steps/http-request/use-copy-prompt.tsx`
around lines 25 - 79, The prompt currently assumes a JSON body even for methods
that cannot have one; update the returned template string to conditionally
include body-related instructions based on the canHaveBody variable: keep
bodyBlock as-is but only include steps that reference parsing JSON,
JSON.stringify(requestBody) and "Parses the JSON body" when canHaveBody is true,
and otherwise change those steps to refer to reading/verifying the raw request
body or note "no body expected"; adjust the signature verification step (where
it builds `${timestamp}.${JSON.stringify(requestBody)}`) to use a rawBody
variable or conditional fragment so it doesn't call JSON.stringify for bodyless
methods; modify the returned template around the signature and "What to
generate" sections to branch on canHaveBody (referencing canHaveBody, bodyBlock,
and the template string that contains JSON.stringify(requestBody)).

🧹 Nitpick comments (1)

apps/dashboard/src/components/workflow-editor/steps/http-request/curl-utils.ts (1)

24-24: Extract HTTP body-eligibility logic into a shared helper.

Line 24 duplicates logic now also present in use-copy-prompt.tsx and http-request-editor.tsx. Centralizing this into one utility (e.g., canMethodHaveBody(method)) will prevent future behavior drift.

As per coding guidelines, “Prefer iteration and modularization over code duplication.”

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@apps/dashboard/src/components/workflow-editor/steps/http-request/curl-utils.ts`
at line 24, Extract the duplicated HTTP body-eligibility check into a single
exported helper function named canMethodHaveBody(method) (returns boolean) and
replace the inline constant in curl-utils.ts (const canHaveBody = ...),
use-copy-prompt.tsx, and http-request-editor.tsx to call that helper; update the
three files to import the helper from the new utility module and ensure the
function treats GET, DELETE, HEAD, and OPTIONS as non-body methods to preserve
existing behavior.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Outside diff comments:
In
`@apps/dashboard/src/components/workflow-editor/steps/http-request/use-copy-prompt.tsx`:
- Around line 25-79: The prompt currently assumes a JSON body even for methods
that cannot have one; update the returned template string to conditionally
include body-related instructions based on the canHaveBody variable: keep
bodyBlock as-is but only include steps that reference parsing JSON,
JSON.stringify(requestBody) and "Parses the JSON body" when canHaveBody is true,
and otherwise change those steps to refer to reading/verifying the raw request
body or note "no body expected"; adjust the signature verification step (where
it builds `${timestamp}.${JSON.stringify(requestBody)}`) to use a rawBody
variable or conditional fragment so it doesn't call JSON.stringify for bodyless
methods; modify the returned template around the signature and "What to
generate" sections to branch on canHaveBody (referencing canHaveBody, bodyBlock,
and the template string that contains JSON.stringify(requestBody)).

---

Nitpick comments:
In
`@apps/dashboard/src/components/workflow-editor/steps/http-request/curl-utils.ts`:
- Line 24: Extract the duplicated HTTP body-eligibility check into a single
exported helper function named canMethodHaveBody(method) (returns boolean) and
replace the inline constant in curl-utils.ts (const canHaveBody = ...),
use-copy-prompt.tsx, and http-request-editor.tsx to call that helper; update the
three files to import the helper from the new utility module and ensure the
function treats GET, DELETE, HEAD, and OPTIONS as non-body methods to preserve
existing behavior.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 73b709d7-0192-42db-ad83-e69c0c884199

📥 Commits

Reviewing files that changed from the base of the PR and between 7136053 and b392283.

📒 Files selected for processing (3)

• apps/dashboard/src/components/workflow-editor/steps/http-request/curl-utils.ts
• apps/dashboard/src/components/workflow-editor/steps/http-request/http-request-editor.tsx
• apps/dashboard/src/components/workflow-editor/steps/http-request/use-copy-prompt.tsx

[djabarovgeorge]

@cursoragent
remove the const canHaveBody use-copy-prompt.tsx file, reuse the already existing cont from curl-utils.ts

[cursor]

Done. Here's what I changed:

• Extracted canMethodHaveBody(method) as a shared helper function in curl-utils.ts, with a single METHODS_WITHOUT_BODY set that defines GET, HEAD, OPTIONS, and DELETE as bodyless methods.
• use-copy-prompt.tsx now imports canMethodHaveBody and KeyValuePair from curl-utils.ts instead of defining its own duplicate logic and type.
• http-request-editor.tsx also imports canMethodHaveBody from curl-utils.ts, removing its local METHODS_WITHOUT_BODY constant.

All three files now share one source of truth for body eligibility.

  

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In
`@apps/dashboard/src/components/workflow-editor/steps/http-request/curl-utils.ts`:
- Around line 7-9: canMethodHaveBody currently performs a case-sensitive lookup
against METHODS_WITHOUT_BODY, so inputs like "get" or "Head" are misclassified;
update canMethodHaveBody to normalize the incoming method (e.g.,
method?.toUpperCase()) before checking METHODS_WITHOUT_BODY.has(method) and
ensure it safely handles null/undefined inputs (treat non-strings as not having
a body or return false) so lookups are consistent regardless of caller casing.
- Around line 7-9: Replace the duplicated method-body check in curl-display.tsx
(currently using "method !== 'GET' && method !== 'DELETE'") with the canonical
helper canMethodHaveBody; import canMethodHaveBody from curl-utils and use it
wherever the component decides whether to show/send a request body so
HEAD/OPTIONS and any future rules follow the centralized logic in
canMethodHaveBody.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 845d7e29-5c49-42d6-ae17-663bfda230d2

📥 Commits

Reviewing files that changed from the base of the PR and between b392283 and f666b26.

📒 Files selected for processing (3)

• apps/dashboard/src/components/workflow-editor/steps/http-request/curl-utils.ts
• apps/dashboard/src/components/workflow-editor/steps/http-request/http-request-editor.tsx
• apps/dashboard/src/components/workflow-editor/steps/http-request/use-copy-prompt.tsx

🚧 Files skipped from review as they are similar to previous changes (2)

• apps/dashboard/src/components/workflow-editor/steps/http-request/use-copy-prompt.tsx
• apps/dashboard/src/components/workflow-editor/steps/http-request/http-request-editor.tsx