Add contact antispam and fix gallery video playback.

English-only messages, rate limiting, min fill time, and normalized email
validation; improve modal video serving with posters, correct MIME types, and
no gzip on gallery media.

Co-authored-by: Cursor <cursoragent@cursor.com>

app/internal/contactcheck/english.go

@@ -0,0 +1,51 @@
+package contactcheck
+
+import (
+	"errors"
+	"strings"
+	"unicode"
+
+	"github.com/abadojack/whatlanggo"
+)
+
+const (
+	minMessageRunes = 20
+	maxMessageRunes = 8000
+	maxNameRunes    = 120
+)
+
+var (
+	ErrNotEnglish = errors.New("message must be in English")
+	ErrTooShort   = errors.New("message too short")
+	ErrTooLong    = errors.New("message too long")
+	ErrName       = errors.New("name too long")
+)
+
+// ValidateEnglish checks script and language for name + message combined.
+func ValidateEnglish(name, message string) error {
+	msg := strings.TrimSpace(message)
+	nMsg := len([]rune(msg))
+	if nMsg < minMessageRunes {
+		return ErrTooShort
+	}
+	if nMsg > maxMessageRunes {
+		return ErrTooLong
+	}
+	if len([]rune(strings.TrimSpace(name))) > maxNameRunes {
+		return ErrName
+	}
+
+	combined := strings.TrimSpace(name) + "\n\n" + msg
+	info := whatlanggo.Detect(combined)
+
+	if info.Script != nil && info.Script != unicode.Latin {
+		return ErrNotEnglish
+	}
+	if info.Lang != whatlanggo.Eng {
+		return ErrNotEnglish
+	}
+	if !info.IsReliable() && info.Confidence < 0.55 {
+		return ErrNotEnglish
+	}
+	return nil
+}

app/internal/contactcheck/form.go

@@ -0,0 +1,25 @@
+package contactcheck
+
+import (
+	"strings"
+	"time"
+)
+
+// HoneypotField is the form field bots should leave blank (hidden from users).
+const HoneypotField = "website"
+
+// MinFormFillDuration is the minimum time between showing the form and submit.
+const MinFormFillDuration = 3 * time.Second
+
+// SpamHoneypot reports whether the honeypot was filled (likely spam).
+func SpamHoneypot(value string) bool {
+	return strings.TrimSpace(value) != ""
+}
+
+// FormFilledTooFast reports whether the form was submitted before seenUnix (0 = never seen).
+func FormFilledTooFast(seenUnix int64, now time.Time) bool {
+	if seenUnix <= 0 {
+		return true
+	}
+	return now.Sub(time.Unix(seenUnix, 0)) < MinFormFillDuration
+}

app/internal/contactcheck/form_test.go

@@ -0,0 +1,30 @@
+package contactcheck
+
+import (
+	"testing"
+	"time"
+)
+
+func TestSpamHoneypot(t *testing.T) {
+	if !SpamHoneypot("filled") {
+		t.Fatal("expected honeypot trip")
+	}
+	if SpamHoneypot("  ") {
+		t.Fatal("expected empty honeypot")
+	}
+}
+
+func TestFormFilledTooFast(t *testing.T) {
+	now := time.Unix(1_000_000, 0)
+	seen := now.Add(-MinFormFillDuration).Unix()
+
+	if !FormFilledTooFast(0, now) {
+		t.Error("missing seen time should be too fast")
+	}
+	if !FormFilledTooFast(seen+1, now) {
+		t.Error("submit before min duration should be too fast")
+	}
+	if FormFilledTooFast(seen, now) {
+		t.Error("submit at min duration should be allowed")
+	}
+}