# 07F1 Provider Compliance Public Copy Fix — aieditorrsp

- task_id: t_5c0f6d38
- tenant: site-aieditorrsp-20260528
- project_slug: aieditorrsp
- domain: https://aieditorrsp.net
- completed_at_utc: 2026-05-29T08:13:30Z
- prepared_by: 墨界
- verdict: DONE

## Commit / deploy

- commit_sha: `988cb9fd017a208c1bf33ec0aae17d2bb9fbbe67`
- pushed_branch: `main`
- deploy_url: `https://aieditorrsp.net`
- deployment_source_commit: `988cb9fd017a208c1bf33ec0aae17d2bb9fbbe67`
- cloudflare_worker: `aieditorrsp`
- cloudflare_version_id: `4fb22e10-8867-4a0f-b51a-469eeb56cdd1`
- deploy_command: `npm run deploy`
- git_status_after: `## main...origin/main`

## Public copy changes

Updated Privacy, Terms, Refund, Pricing, Cookie Policy, and the homepage/provider preview labels to match the enabled limited-provider state.

Key public-copy alignment:

- Names server-side fal processing with `fal-ai/flux-pro/kontext`.
- States source uploads/results are not stored in site-owned D1/R2/media storage.
- States anonymous generated results use a fal-hosted result URL for preview/download with a 24h result URL window.
- Distinguishes enabled limited provider generation from disabled paid checkout, subscriptions, and credit packs.
- Removes stale provider-disabled wording from public rendered copy.
- Removes storage overclaims for prompt history, account output retention, site-hosted mirrors/cloud sync, encrypted-at-rest upload/result badge, and source provenance tracking.
- Aligns the touched Terms footer copyright to `© 2026 AI Editor RSP`.

## Changed files

- `design-v3/html/home-desktop.html`
- `design-v3/html/privacy-desktop.html`
- `design-v3/html/terms-desktop.html`
- `design-v3/html/refund-desktop.html`
- `design-v3/html/pricing-desktop.html`
- `design-v3/html/cookie-policy-desktop.html`
- `src/lib/designHtml.ts`
- `src/lib/rawDesign.ts`
- `src/components/ProductPreviewEditor.tsx`
- `src/app/privacy/page.tsx`
- `src/app/terms/page.tsx`
- `src/app/refund/page.tsx`
- `src/app/pricing/page.tsx`

## Verification

Local checks:

- `npm run verify`: PASS
- `npm run seo:audit`: PASS
- `npm run build`: PASS
- `npm run deploy`: PASS

Production route smoke:

| Route | HTTP | Required copy | Stale/overclaim hits |
| --- | ---: | --- | --- |
| `/privacy` | 200 | PASS | 0 |
| `/terms` | 200 | PASS | 0 |
| `/refund` | 200 | PASS | 0 |
| `/pricing` | 200 | PASS | 0 |
| `/cookie-policy` | 200 | PASS | 0 |
| `/` | 200 | PASS | 0 |

Production API smoke:

- `GET /api/credits`: 200, `paid_enabled:false`
- `GET /api/health`: 200, runtime `cloudflare-workers-opennext`

Public source/bundle scan:

- `src/**`: no legacy hyphenated domain hit; no likely fal secret value; no stale provider-disabled copy hits.
- `.open-next/**`: no legacy hyphenated domain hit; no likely fal secret value; no stale provider-disabled copy hits.

## Final decision

DONE. Public compliance copy now matches the provider-enabled limited preview state while preserving SEO checks and provider route behavior.