CSRF Protection (8a78b2b)

• Implemented comprehensive CSRF (Cross-Site Request Forgery) protection for enhanced security
• Added new backend/src/security.ts module for security utilities
• Frontend API layer now handles CSRF tokens automatically
• Added integration tests for CSRF validation

Upload Progress Indicator (8f9b9b4)

• Added a visual upload progress bar when users upload files
• New UploadContext for managing upload state across components
• New UploadStatus component displaying real-time upload progress
• Save status indicator when navigating back from the editor
• Improved error handling and recovery for failed uploads

Bug Fixes

• Fixed broken e2e tests (cae8f3c)
• Replaced deprecated substr() with substring()
• Fixed stale state issues in error handling
• Fixed missing useEffect dependencies
• Fixed CSS class conflicts in progress bar styling
• Added error recovery for save state in Editor

Infrastructure

• Updated docker-compose configurations with new environment variables
• E2E test suite improvements and reliability fixes
• Added Kubernetes deployment note in README

Kubernetes

A CSRF_SECRET environment variable is now required for CSRF protection. Generate a secure 32+ character random string:

openssl rand -base64 32

Add it to your deployment:
- Docker Compose: Add CSRF_SECRET=<your-secret> to the backend service environment
- Kubernetes: Add to your ConfigMap/Secret and reference in the backend deployment

If not set, the backend will refuse to start.