fix: security and code quality improvements

Security fixes:
- Add file upload size limits (10MB) for customer and product imports
- Add XLSX file validation with row limits and magic byte checking
- Implement password validation (min 6 chars) in registration
- Add rate limiting for guest login (5 per IP per 15 minutes)
- Sanitize error messages to prevent information leakage
- Fix XSS vulnerability by removing unsafe v-html usage
- Enforce WhatsApp webhook signature verification
- Add SSRF protection with URL validation and IP blocking
- Fix marketing endpoints to use proper authentication

Code quality improvements:
- Create shared utility functions for UUID validation and string sanitization
- Remove duplicate UUID validation code from admin modules
- Remove dead code (pass statement in translation.py)
- Fix aliyun SDK import compatibility

user-frontend/src/views/Workspace.vue

@@ -129,13 +129,13 @@
       <el-table :data="planData" border>
         <el-table-column label="功能" prop="feature" width="140" />
         <el-table-column label="免费版" width="160">
-          <template #default="{ row }"><span v-html="row.free" /></template>
+          <template #default="{ row }"><span>{{ row.free }}</span></template>
         </el-table-column>
         <el-table-column label="Pro ¥99/月" width="160">
-          <template #default="{ row }"><span v-html="row.pro" /></template>
+          <template #default="{ row }"><span>{{ row.pro }}</span></template>
         </el-table-column>
         <el-table-column label="企业 ¥399/月" width="160">
-          <template #default="{ row }"><span v-html="row.enterprise" /></template>
+          <template #default="{ row }"><span>{{ row.enterprise }}</span></template>
         </el-table-column>
       </el-table>
       <div style="text-align:center;margin-top:20px">