Streaming chat with auto-continue
Token-by-token SSE streaming. If the model gets cut off mid-canvas, the client
automatically asks it to continue without losing any code.
Code canvas with HTML preview
The model emits code in /canvas<title><type> … <end>
blocks. Click any code card to open a full-screen viewer with copy and live HTML preview.
Image generation by intent (AI-only protocol)
Just ask in plain language — "draw me a sunset". The model itself emits an internal
/genimage<refined prompt>execute command that the frontend detects,
waits 2 seconds, then dispatches to /api/image. Slash commands are an
AI-only protocol — users never type them.
Skeleton loader, lightbox, download
Image cards show a shimmer-style skeleton matched to the chat aesthetic. When the
image arrives it fades in. Open / Download / Copy-prompt buttons appear.
Privacy: no backend storage
Your chat history never reaches the server. Conversations are kept only in this browser's
localStorage — and only if you opt in via Settings.
Lazy chat loading
The Chats tab lists titles only. Full content is loaded into the DOM only when you click a
specific chat — keeping memory and CPU low even with hundreds of saved chats.
Zero key exposure
The upstream API key, base URL, and model names live exclusively in Cloudflare environment
secrets. They are never sent to the browser.
Strict CSP & bot blocking
Locked-down Content-Security-Policy denies third-party scripts, framing, and arbitrary
connections. Aggressive crawlers (GPTBot, ClaudeBot, Bytespider, AhrefsBot, etc.) are blocked
at the edge by both a noindex meta tag and a User-Agent allowlist in each function.
Same-origin enforcement
API mutations (POST /api/chat, /api/image) are rejected
if the Origin header doesn't match the deployed host.
Input validation & image safety filter
Server-side schema check on the messages array (role allowlist, length caps), strict
role/content shape, control-char stripping, and a regex-based safety filter on every
image prompt (NSFW, gore, CSAM patterns rejected with 400).
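The Origin check and the message schema check described above (Same-origin enforcement and Input validation), written out as an added example for a Cloudflare Pages Function handling POST /api/chat; this is not the app's own code. The role allowlist, the length caps and the 403/400 responses are assumptions, since the page states only that such checks exist.

```javascript
// Added example, not the app's own code. The role allowlist, the caps and the
// status codes are assumptions; the page says only that such checks exist.
const ALLOWED_ROLES = new Set(["system", "user", "assistant"]);
const MAX_MESSAGES = 64;         // assumed cap on messages per request
const MAX_CONTENT_CHARS = 8000;  // assumed cap on characters per message

// Remove C0 and C1 control characters, keeping tab, newline and carriage return.
function stripControlChars(text) {
  return text.replace(/[\u0000-\u0008\u000B\u000C\u000E-\u001F\u007F-\u009F]/g, "");
}

// Schema check on the messages array: returns { ok: true, messages } with a
// cleaned copy (only role and content kept), or { ok: false, error }.
function validateMessages(body) {
  if (!body || !Array.isArray(body.messages)) return { ok: false, error: "messages must be an array" };
  const n = body.messages.length;
  if (n === 0 || n > MAX_MESSAGES) return { ok: false, error: "bad message count" };
  const cleaned = [];
  for (const m of body.messages) {
    if (typeof m !== "object" || m === null) return { ok: false, error: "message must be an object" };
    if (!ALLOWED_ROLES.has(m.role)) return { ok: false, error: "role not allowed" };
    if (typeof m.content !== "string") return { ok: false, error: "content must be a string" };
    if (m.content.length > MAX_CONTENT_CHARS) return { ok: false, error: "content too long" };
    cleaned.push({ role: m.role, content: stripControlChars(m.content) });
  }
  return { ok: true, messages: cleaned };
}

// Same-origin check: the Origin header must equal the origin the request was served on.
// Browsers send Origin on every POST, so a missing header is rejected as well.
function isSameOrigin(originHeader, requestUrl) {
  if (!originHeader) return false;
  return originHeader === new URL(requestUrl).origin;
}

// Handler for POST /api/chat; in a Pages Function this is exported as onRequestPost.
async function onRequestPost({ request }) {
  if (!isSameOrigin(request.headers.get("Origin"), request.url)) {
    return new Response("forbidden", { status: 403 });
  }
  let body;
  try { body = await request.json(); } catch { return new Response("bad json", { status: 400 }); }
  const result = validateMessages(body);
  if (!result.ok) return new Response(result.error, { status: 400 });
  // Here the validated result.messages would be forwarded to the upstream model API.
  return new Response(JSON.stringify({ accepted: result.messages.length }), { status: 200 });
}
```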
HSTS, COOP, CORP, frame-ancestors none
HTTPS enforced with Strict-Transport-Security;
Cross-Origin-Opener-Policy and Cross-Origin-Resource-Policy set to
same-origin; X-Frame-Options: DENY; frame-ancestors 'none'.
Image prompt-engineering skill (built into the system prompt)
Before producing any image command, the assistant follows an 8-pillar rubric:
subject, action, setting, lighting, mood, style, composition, quality tags. Prompts are
written in English even if you wrote in Hindi/Hinglish, kept under 500 characters, and
auto-rejected for unsafe content. Examples are baked into the system prompt that runs
server-side, so the browser cannot tamper with it.
How the image flow works (step by step)
- You ask the AI for an image in your own words — e.g. "image bana de futuristic city ki".
- The model replies with one short ack plus an internal command /genimage<refined english prompt>execute.
- The frontend detects the command, hides it from view, and renders a matched skeleton + shimmer card.
- It waits ~2 seconds (deliberate).
- It POSTs the prompt to /api/image; the Pages Function adds the API key and forwards to the upstream.
- The image fades in. Open / Download / Copy-prompt buttons appear.