
tessl-labs/input-sanitization

Sanitize and validate user input at system boundaries — prevent XSS, SQL

Score: 94 (1.20x)

Quality: 89% (Does it follow best practices?)

Impact: 100% (1.20x)

Average score across 6 eval scenarios

Security by Snyk: Passed (no known issues)


evals/scenario-3/task.md

Community Feedback Board

Problem/Feature Description

A developer community platform wants to add a public feedback board where registered users can post short comments about product features. The board is embedded in the main web app as a small widget — it fetches comments from the backend and renders them in a list. Users can also submit new comments through the widget.

The platform had a security report last year: a user posted a comment containing angle brackets and script tags, and the widget produced strange rendering glitches in some browsers, a sign that comment text was being interpreted as HTML rather than displayed as text. The team wants the new implementation done correctly so that any special characters in comments are handled safely and shown literally, regardless of what a user types.

The feature is intentionally simple: a list of comments shown on page load, and a form to post a new comment. Each comment shows the author's display name and the comment text. The backend stores comments in memory (no database required for this feature).

Output Specification

Implement the feedback board as a self-contained project with:

  • A Node.js/Express backend with:
    • GET /api/comments — returns all comments as JSON
    • POST /api/comments — accepts a new comment and stores it
  • A single HTML file (index.html) with embedded or linked JavaScript that:
    • Fetches comments from the API and renders them in a list
    • Provides a form with author name and comment text fields
    • Submits new comments to the API and refreshes the list

Produce all source files needed. The app should be startable with npm install && node server.js (or equivalent). No external frontend framework is required — plain JavaScript is fine.

Include a README.md with startup instructions.
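As an added example (not the tile's own code and not a reference solution for this scenario), the block below shows how I would place the two boundaries the task describes: validation where a comment enters the system through POST /api/comments, and output encoding where it leaves toward the browser. The function names, the field limits (40 and 500 characters) and the Express wiring shown in the comments are assumptions; the handler itself is framework-agnostic, so the file runs under plain Node without Express installed.

```javascript
// Added example, not the tile's code. Names and limits are assumptions.
const AUTHOR_MAX = 40;
const TEXT_MAX = 500;
// Control characters other than tab and newline never belong in a comment.
const CONTROL_CHARS = /[\u0000-\u0008\u000B\u000C\u000E-\u001F\u007F]/;

// Input boundary: validate the JSON body of POST /api/comments.
// Accepts only a plain object with string `author` and `text`, trims them
// and enforces length limits (counted in UTF-16 code units). Angle brackets,
// quotes and script tags are deliberately left untouched: the comment is
// stored verbatim and made safe at the output boundary, not here.
function validateComment(body) {
  if (body === null || typeof body !== 'object' || Array.isArray(body)) {
    return { ok: false, errors: ['body must be a JSON object'] };
  }
  const limits = { author: AUTHOR_MAX, text: TEXT_MAX };
  const errors = [];
  const value = {};
  for (const [name, max] of Object.entries(limits)) {
    const raw = body[name];
    if (typeof raw !== 'string') {
      errors.push(`${name} must be a string`);
      continue;
    }
    const trimmed = raw.trim();
    if (trimmed.length === 0) errors.push(`${name} must not be empty`);
    else if (trimmed.length > max) errors.push(`${name} exceeds ${max} characters`);
    else if (CONTROL_CHARS.test(trimmed)) errors.push(`${name} contains control characters`);
    else if (name === 'author' && /[\r\n\t]/.test(trimmed)) errors.push('author must be a single line');
    else value[name] = trimmed;
  }
  return errors.length ? { ok: false, errors } : { ok: true, value };
}

// Framework-agnostic handler for POST /api/comments. `store` is the
// in-memory comment array. Returns { status, body } so it can be wired up as
//   app.post('/api/comments', express.json({ limit: '4kb' }), (req, res) => {
//     const out = handlePostComment(comments, req.body);
//     res.status(out.status).json(out.body);
//   });
function handlePostComment(store, body) {
  const result = validateComment(body);
  if (!result.ok) return { status: 400, body: { errors: result.errors } };
  const comment = {
    id: store.length + 1,
    ...result.value,
    createdAt: new Date().toISOString(),
  };
  store.push(comment);
  return { status: 201, body: comment };
}

// Output boundary, widget side: build DOM nodes and assign comment fields
// through textContent, so "<script>" in a comment is displayed literally.
// Never splice author or text into innerHTML. `doc` defaults to the page
// document and can be injected for testing outside a browser.
function renderComments(listEl, comments, doc = globalThis.document) {
  const items = comments.map((c) => {
    const li = doc.createElement('li');
    const name = doc.createElement('strong');
    name.textContent = c.author;
    const text = doc.createElement('span');
    text.textContent = c.text;
    li.appendChild(name);
    li.appendChild(text);
    return li;
  });
  listEl.replaceChildren(...items);
}

// Output boundary, string side: only for a path that must build markup as a
// string (for example a server-rendered fallback page). Encodes the five
// characters that can break out of HTML text and attribute contexts.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Demo on constructed input: the script tag is stored exactly as typed.
const demoStore = [];
handlePostComment(demoStore, { author: '  alice ', text: '<script>alert(1)</script>' });
console.log(JSON.stringify(demoStore));
```

The point to carry into the implementation is that the validator rejects or trims but never rewrites: a comment reading `<script>` is stored exactly as typed and is safe because the widget assigns it through textContent. Stripping or "cleaning" angle brackets on input would corrupt legitimate comments (a user discussing `<div>` tags) and would still leave any innerHTML rendering path exploitable through other vectors. Serve the API responses with Content-Type: application/json and X-Content-Type-Options: nosniff so the JSON itself is never interpreted as HTML.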
