refactor: remove crash workaround scaffolding

README.md

@@ -59,7 +59,7 @@ Frontend:
 Current repo note:
 
 - `POSTMORTEM.md` documents why the previous authenticated workspace architecture was fragile under Firefox plus RoboForm.
-- `TASKS.md` records the route-first rewrite that addressed that architecture.
+- `TASKS.md` records the route-first rewrite and the final Blazor configuration change that resolved the Firefox plus RoboForm crash.
 
 ## Runtime and Persistence
 
@@ -115,6 +115,16 @@ Authenticated interactivity is route-local instead of global:
 - Blazor startup is manual with `Blazor.start({ ssr: { disableDomPreservation: true } })` so the app can disable enhanced SSR DOM preservation during interactive attach
 - Header route changes now use full document navigation so moving between authenticated routes remounts the target per-page interactive root instead of trying to reuse the previous page circuit
 
+Firefox plus RoboForm resolution:
+
+- the route-first rewrite reduced the authenticated surface area, but it was not the final fix
+- the crash stopped only after the app stopped using global Blazor interactivity
+- the working combination is:
+  - per-page `InteractiveServerRenderMode(prerender: false)` on `/play`, `/campaigns`, and `/admin`
+  - manual `Blazor.start({ ssr: { disableDomPreservation: true } })`
+  - full document navigation between authenticated routes with `forceLoad: true`
+- earlier phased first-render shells and heavy diagnostics were investigative steps and have been removed
+
 Interactive bootstrap is now route-local:
 
 - `WorkspaceRouteView.razor` performs the first-render JS-dependent session initialization for the authenticated route that mounted
@@ -201,10 +211,8 @@ SQLite migration rule:
 - Static assets are linked through Blazor's `@Assets[...]` pipeline for fingerprinted cache-busting URLs.
 - Workspace reads are resolved through API requests in `WorkspaceQueryService`; browser interop stays focused on auth forms, session storage, SSE wiring, and small DOM helpers.
 - Interactive authenticated startup begins in `WorkspaceRouteView.razor` after first render because `RpgRollerApiClient` still depends on JS interop-backed `fetch`.
-- Workspace startup diagnostics now log route initialization, route-content render phases, and browser-side workspace mutation snapshots to help isolate the remaining Firefox startup crash documented in `POSTMORTEM.md`.
-- Pre-Blazor diagnostics also watch the static `#rr-interactive-host` container before `_framework/blazor.web.js` connects, so extension-driven DOM mutations can be compared against the first failing interactive batch.
-- Authenticated routes now avoid global `Routes @rendermode` because upstream issue `dotnet/aspnetcore#58824` reports Firefox-specific failures with global interactivity and explicitly calls out per-page mode as the safer path.
-- Authenticated routes now mount through phased interactive batches: minimal shell first, then a simple header placeholder, then route skeletons, and only then the real header and control-heavy route content after route initialization succeeds.
+- Authenticated routes avoid global `Routes @rendermode` because upstream issue `dotnet/aspnetcore#58824` reports Firefox-specific failures with global interactivity and explicitly calls out per-page mode as the safer path.
+- Authenticated route changes use full document navigations so each route remounts its own per-page interactive root.
 - Live workspace refresh compares separate roster, per-character sheet, and log versions so unrelated changes do not trigger full reloads.
 - Campaign log data is loaded in bounded slices: campaign summaries, one selected roster, one selected character sheet, and a 25-row incremental log window from `/api/campaigns/{campaignId}/log/page`.
 - Log rows return compact summary data first and lazy-load full detail from `/api/rolls/{rollId}` when expanded.