[Project] Kitepad - Core product, security, and UX consolidation
Today was focused on turning KitePad into a more complete and production‑like paste platform. I integrated a CodeJar‑based syntax‑highlighting editor to optimize for code‑oriented pastes and introduced an internationalization layer for UI and privacy policy text. To protect usage metrics and content, I added view limits, bot detection for view counts, and secure edit tokens so that only clients with a valid token can update a given paste.
I enhanced the editing flow by restoring full post metadata (title, options, etc.) for edit/clone operations, improved YouTube embeds, and applied fade truncation plus API caching on the list view to balance readability and performance. On the security side, I implemented cookie‑based CSRF tokens, persistent content unlocking for serverless environments, and a dedicated CSRF token API endpoint consumed by index.html, then combined this with E2EE decryption, security headers, CSRF protection, and rate limiting.
On the UX and documentation front, I added an English/Korean language toggle for the privacy policy, a new responsive header layout with tagline, QR code generation for paste links, and improved mobile responsiveness across the app. I also updated the README with a platform link, screenshots, simplified description, and fixed markdown link formatting. Finally, I introduced UID‑based content IDs, rebranded the project as KitePad, and added validation/sanitization to improve shareability and data integrity.