Fix UI/UX inconsistencies and premium terminal enhancements (#104)

app.py

@@ -17,10 +17,10 @@
 import shutil
 import logging
 import urllib.error
-from datetime import datetime, timezone
-from pathlib import Path
-from flask import Flask, request, jsonify, send_from_directory, Response
-from werkzeug.exceptions import BadRequest
+from datetime import datetime, timezone
+from pathlib import Path
+from flask import Flask, request, jsonify, send_from_directory, Response
+from werkzeug.exceptions import BadRequest
 
 # Setup logger for DevShell backend logging
 logging.basicConfig(level=logging.INFO)
@@ -2397,18 +2397,19 @@ def parse_script_metadata(filepath):
         with open(filepath, "r", encoding="utf-8", errors="replace") as f:
             for line in f:
                 line = line.strip()
-                if line.startswith("# name:"):
-                    name_val = line[7:].strip()
-                    if name_val:
-                        metadata["name"] = name_val
-                elif line.startswith("# desc:"):
-                    metadata["desc"] = line[7:].strip()
-                elif line.startswith("# tag:"):
-                    metadata["tag"] = line[6:].strip()
-                elif line.startswith("# url:"):
-                    metadata["url"] = line[6:].strip()
-                elif not line.startswith("#") and line:
+                if line.startswith('# name:'):
+                name_val = line[7:].strip()
+                if name_val:
+                    metadata['name'] = name_val
+                elif line.startswith('# desc:'):
+                    metadata['desc'] = line[7:].strip()
+                elif line.startswith('# tag:'):
+                    metadata['tag'] = line[6:].strip()
+                elif line.startswith('# url:'):
+                    metadata['url'] = line[6:].strip()
+                elif not line.startswith('#') and line:
                     break
+
     except Exception:  # nosec B110
         pass
     return metadata
@@ -2450,10 +2451,10 @@ def get_all_scripts():
 # ─── Security Enhancements ──────────────────────────────────────────
 
 @app.before_request
-def enforce_security():
-    from flask import abort
-    from urllib.parse import urlparse
-
+def enforce_security():
+    from flask import abort
+    from urllib.parse import urlparse
+
     # 1. Host Validation (prevents DNS Rebinding)
     host_only = request.host.split(':')[0]
     if host_only not in ('127.0.0.1', 'localhost'):
@@ -2479,22 +2480,22 @@ def is_valid_local(url):
                 abort(403)
         else:
             # Reject if neither is present and request is from a browser
-            user_agent = request.headers.get('User-Agent', '')
-            if any(b in user_agent for b in ['Mozilla', 'Chrome', 'Safari', 'Edge']):
-                abort(403)
-
-    # 3. JSON body validation. Many API handlers safely default missing JSON to
-    # an empty payload, but malformed JSON should fail before route logic runs.
-    if request.method in ['POST', 'PUT', 'DELETE', 'PATCH'] and request.is_json:
-        try:
-            request.get_json(silent=False)
-        except BadRequest:
-            return jsonify({
-                "success": False,
-                "error": "Invalid JSON payload",
-            }), 400
-
-# ─── Routes ───────────────────────────────────────────────────────
+            user_agent = request.headers.get('User-Agent', '')
+            if any(b in user_agent for b in ['Mozilla', 'Chrome', 'Safari', 'Edge']):
+                abort(403)
+
+    # 3. JSON body validation. Many API handlers safely default missing JSON to
+    # an empty payload, but malformed JSON should fail before route logic runs.
+    if request.method in ['POST', 'PUT', 'DELETE', 'PATCH'] and request.is_json:
+        try:
+            request.get_json(silent=False)
+        except BadRequest:
+            return jsonify({
+                "success": False,
+                "error": "Invalid JSON payload",
+            }), 400
+
+# ─── Routes ───────────────────────────────────────────────────────
 
 
 @app.route("/")