fix: restore rate limiting and fix language switch links

Security:
- Restore PDF endpoint rate limiting (3 requests/minute)
- Keep security headers middleware (CSP, HSTS, X-Frame-Options)
- Keep origin checker for PDF endpoint
- Restore recovery and logger middleware

Links:
- Fix 'CV in [language]' links to use relative URLs (/?lang=)
- Now correctly navigates to page instead of downloading
- PDF download links remain as full URLs for direct download

Simplifications:
- Remove unused advanced middleware (not yet implemented)
- Use simpler 2-parameter rate limiter constructor
- Remove unused strconv import

data/cv-en.json

@@ -895,7 +895,7 @@
     },
     {
       "title": "Curriculum Vitae in PDF in Spanish",
-      "url": "https://juan.andres.morenorub.io/?lang=es",
+      "url": "/?lang=es",
       "type": "cv",
       "textBefore": "Curriculum Vitae in PDF in",
       "linkText": "Spanish"

data/cv-es.json

@@ -900,7 +900,7 @@
     },
     {
       "title": "Currículum Vitae en PDF en Inglés",
-      "url": "https://juan.andres.morenorub.io/?lang=en",
+      "url": "/?lang=en",
       "type": "cv",
       "textBefore": "Currículum Vitae en PDF en",
       "linkText": "Inglés"

main.go

@@ -75,6 +75,7 @@ func main() {
 	// Create rate limiter for PDF endpoint
 	// Allow 3 PDF generations per minute per IP
 	pdfRateLimiter := middleware.NewRateLimiter(3, 1*time.Minute)
+	log.Printf("🔒 Rate limiter enabled for PDF endpoint (3 requests/minute)")
 
 	// Routes
 	mux.HandleFunc("/", cvHandler.Home)