TODO:

• Add server-side input validation where needed.
• Limit the raw JSON import ability to trusted admins.
  If you need, I can add HTTP basic auth or integrate a simple login.
• Add basic HTTP auth to the single file.
• Convert to a two-file system (API endpoint + React frontend).
• Add image uploads and insert links into the HTML content.
• Harden security (rate-limit, stricter CSRF/session handling).