feat(2): cryptpad create-pad content roundtrip Playwright test — resolves F2-9 (§4.3 create+read-back)

Adds tests/cryptpad/playwright/test_pad_content_roundtrip.py: open /pad/ → CryptPad auto-creates a
fragment-keyed pad → type a unique marker into the CKEditor body → wait for encrypted sync → open a
FRESH browser context (no shared localStorage/cookies) → navigate to the captured pad URL → assert
the marker survives in the re-decrypted body. Proves genuine end-to-end-encrypted server-side
persistence (the fresh session carries only the URL+fragment key), the §4.3 create-and-read-back
floor F2-9 requires — not a health/SPA stand-in.

Empirically mapped against CryptPad 2026.2.0 (the prior deferral cited version-fragility on 5.7.0):
editor is the deep nested frame …/pad/ckeditor-inner.html; ~15s cold-cache LESS-compile init; the
fragment-keyed pad URL DOES appear after init; transient net::ERR_NETWORK_CHANGED handled by the
shared goto_with_retry + a mid-load reload retry in the frame wait. PASSED against a live probe
instance. PARITY.md updated (roundtrip = the P3/§4.3 test; SPA-render test kept as fast liveness).

F2-9 is Adversary-owned — left for the Adversary to close after cold-verify.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

tests/cryptpad/PARITY.md

@@ -17,7 +17,8 @@ object + read-it-back" test (plan §4.3 floor) MUST use a real browser (per plan
 
 | cc-ci file | what's verified | rationale |
 |---|---|---|
-| `tests/cryptpad/playwright/test_pad_create.py` | Browses to `/`. Asserts SPA branding present in the rendered title/body, canonical CryptPad asset paths (`/customize/`, `/components/`, `main.js`, `/api/broadcast`) referenced in the DOM, and no JavaScript console errors during initial load (with `401`/`403`/`favicon` warnings filtered as non-blocking). | Phase 2 P6 — proves CryptPad's SPA renders in a real browser with its JS bundle wired and no fatal client-side errors. (**Deferred to a Q3.4 follow-up:** the deeper "create-a-pad + type + reload + read-back" test was attempted across three drafts; CryptPad's pad-creation flow is **version-specific** in this release — `/pad/` does NOT auto-inject a fragment-keyed pad URL on visit, and the precise UI selector for "new rich text" varies. The maximal testable subset under §7.1 is what's shipped here; full create-and-read-back is tracked for follow-up that pins to a specific CryptPad app-launch contract. Documented in BACKLOG-2 + DECISIONS.md.) |
+| `tests/cryptpad/playwright/test_pad_content_roundtrip.py` | **§4.3 create-an-object + read-it-back (resolves F2-9).** Opens `/pad/` → CryptPad auto-creates a fragment-keyed pad (`#/2/pad/edit/<key>/`); types a unique marker into the CKEditor rich-text body (nested sandbox iframe `…/pad/ckeditor-inner.html`); waits for the encrypted update to sync ("Saved"); then opens a **brand-new browser context** (no shared localStorage/cookies) and navigates to the captured pad URL; asserts the marker is present in the re-decrypted body. | Phase 2 P3/§4.3 floor — proves genuine **end-to-end-encrypted persistence**: the fresh session carries only the URL (incl. its fragment key), so a successful read-back means the content was persisted server-side as ciphertext and correctly decrypted by a new client. Not a health/SPA stand-in. Mapped empirically against CryptPad 2026.2.0 (editor in a deep nested frame; ~15s cold-cache LESS-compile init; transient `net::ERR_NETWORK_CHANGED` handled by the shared `goto_with_retry` + a mid-load reload retry). |
+| `tests/cryptpad/playwright/test_pad_create.py` | Browses to `/`. Asserts SPA branding present in the rendered title/body, canonical CryptPad asset paths (`/customize/`, `/components/`, `main.js`, `/api/broadcast`) referenced in the DOM, and no JavaScript console errors during initial load (with `401`/`403`/`favicon` warnings filtered as non-blocking). | Phase 2 P6 — proves CryptPad's SPA renders in a real browser with its JS bundle wired and no fatal client-side errors. (Complements the roundtrip test above; was the "maximal subset" while create-and-read-back was deferred — now superseded by the full roundtrip, kept as a fast SPA-liveness check.) |
 | `tests/cryptpad/functional/test_spa_assets.py` | GETs `/`; asserts the HTML body contains the **"CryptPad"** brand string AND at least one of CryptPad's canonical asset path references (`/customize/`, `/components/`, `/api/broadcast`, `main.js`). | Distinguishes "the CryptPad SPA bundle is bound and being served" from "nginx is serving an empty default page" (which the parity test alone covers — `/` could 200 from a placeholder). Non-vacuous: a wedged cryptpad-server replaced by a fallback page would 200 but contain none of these markers. |
 
 Two specific tests — the ≥2 floor is met. Backup data-integrity is exercised by the Phase-1d/1e

tests/cryptpad/playwright/test_pad_content_roundtrip.py

@@ -0,0 +1,129 @@
+"""cryptpad — §4.3 create-an-object + read-it-back (Phase 2 P3 + P6); resolves F2-9.
+
+CryptPad is end-to-end client-side encrypted: the server only ever stores ciphertext, and the
+decryption key lives in the URL fragment (`#/2/pad/edit/<key>/`). So "create a pad, confirm it
+persists" cannot be done with bare curl (plan §4.3 note) — it must be a real browser flow. This test
+proves genuine persistence of decrypted content across a FRESH browser session:
+
+1. Open `/pad/` in a browser; CryptPad auto-creates a new anonymous pad and writes the edit URL
+   (fragment-keyed) into the address bar. Capture that full URL.
+2. Type a unique marker into the CKEditor rich-text body (nested sandbox iframe).
+3. Wait for CryptPad to sync the encrypted update to the server ("Saved").
+4. Open a **brand-new browser context** (no shared localStorage/cookies — a different "session")
+   and navigate to the captured pad URL.
+5. Assert the unique marker is present in the re-decrypted pad body.
+
+Step 4's fresh context is the real proof: the only thing carried over is the URL (incl. its
+fragment key), so a successful read-back means the content was persisted server-side (encrypted) and
+correctly decrypted by a new client — not merely cached locally. This is the §4.3 create-and-read-back
+floor for CryptPad, not a health/SPA-render stand-in.
+
+Empirically mapped against the recipe under test (CryptPad 2026.2.0): the editor lives in a deeply
+nested frame `…/pad/ckeditor-inner.html` (top page → `#sbox-iframe` on the sandbox domain → CKEditor
+frame); first init compiles LESS (~15s on a cold cache), so the frame hunt and hash wait are patient.
+Transient `net::ERR_NETWORK_CHANGED` is handled by the shared `goto_with_retry` (F2-3).
+"""
+
+from __future__ import annotations
+
+import os
+import sys
+import uuid
+
+sys.path.insert(0, os.path.join(os.path.dirname(__file__), "..", "..", "..", "runner"))
+from harness import browser as harness_browser  # noqa: E402
+
+
+def _open_pad(ctx, url):
+    """Open `url`, wait for full init, and return (page, pad_edit_url). The pad URL is the address
+    bar once CryptPad has created/loaded the fragment-keyed pad (`#/2/pad/edit/<key>/`)."""
+    page = ctx.new_page()
+    harness_browser.goto_with_retry(
+        page, url, accept_statuses=(200,), goto_timeout_ms=60_000, wait_until="load",
+        deadline_seconds=150,
+    )
+    pad_url = url
+    for _ in range(40):  # up to ~80s for the pad to be created/loaded (cold-cache LESS compile)
+        page.wait_for_timeout(2000)
+        if "#/2/pad/edit/" in page.url:
+            pad_url = page.url
+            break
+    return page, pad_url
+
+
+def _ckeditor_frame(page, deadline_polls=90, reload_at=22, reload_url=None):
+    """Return CryptPad's CKEditor content frame (`…/pad/ckeditor-inner.html`), polling for it to
+    attach. It loads after the sandbox iframe + a cold-cache LESS compilation (~15s+), and a FRESH
+    browser context re-downloads/recompiles everything, which under this env's hairpin network can be
+    slow/flaky — so be patient (up to ~deadline_polls*2s) and, halfway, do ONE reload to unstick a
+    load that stalled on a transient net error."""
+    for i in range(deadline_polls):
+        for f in page.frames:
+            if "ckeditor-inner" in f.url:
+                return f
+        if i == reload_at and reload_url is not None:
+            try:
+                harness_browser.goto_with_retry(
+                    page, reload_url, accept_statuses=(200,), goto_timeout_ms=60_000,
+                    wait_until="load", deadline_seconds=120,
+                )
+            except Exception:  # noqa: BLE001 — reload is a best-effort unstick
+                pass
+        page.wait_for_timeout(2000)
+    return None
+
+
+def _dismiss_store_modal(page):
+    """Anonymous pads prompt 'store in CryptDrive?'. Dismiss it (DON'T STORE) so it can't intercept
+    editor clicks. Non-fatal if absent."""
+    for f in page.frames:
+        try:
+            btn = f.get_by_text("DON'T STORE", exact=False)
+            if btn.count():
+                btn.first.click(timeout=3000)
+                return
+        except Exception:  # noqa: BLE001 — best-effort modal dismissal
+            pass
+
+
+def test_cryptpad_pad_content_survives_fresh_session(live_app):
+    """Create a pad, type a unique marker, then read it back from a FRESH browser context via the
+    fragment-keyed URL — proving end-to-end-encrypted content persisted server-side (§4.3)."""
+    from playwright.sync_api import sync_playwright
+
+    marker = f"CCCI-PAD-{uuid.uuid4().hex[:12].upper()}"
+    with sync_playwright() as p:
+        browser = p.chromium.launch(args=["--no-sandbox"])
+        try:
+            # --- session 1: create the pad + write the marker ---
+            ctx1 = browser.new_context(ignore_https_errors=True)
+            page, pad_url = _open_pad(ctx1, f"https://{live_app}/pad/")
+            assert "#/2/pad/edit/" in pad_url, (
+                f"CryptPad did not create a fragment-keyed pad URL; got {pad_url!r}"
+            )
+            ck = _ckeditor_frame(page, reload_url=pad_url)
+            assert ck is not None, "CKEditor content frame never attached (pad editor not ready)"
+            _dismiss_store_modal(page)
+            body = ck.locator("body")
+            body.click()
+            page.wait_for_timeout(1000)
+            body.type(marker, delay=40)
+            page.wait_for_timeout(9000)  # let CryptPad encrypt + sync the update to the server
+            assert marker in ck.locator("body").inner_text(), (
+                "marker not present in the editor after typing — type did not land"
+            )
+            ctx1.close()
+
+            # --- session 2: FRESH context (no shared storage) reads the pad back by URL ---
+            ctx2 = browser.new_context(ignore_https_errors=True)
+            page2, _ = _open_pad(ctx2, pad_url)
+            ck2 = _ckeditor_frame(page2, reload_url=pad_url)
+            assert ck2 is not None, "CKEditor content frame never attached on read-back"
+            page2.wait_for_timeout(6000)  # let the pad load + decrypt
+            readback = ck2.locator("body").inner_text()
+            assert marker in readback, (
+                f"marker {marker!r} did NOT survive into a fresh session — content not persisted/"
+                f"decrypted. Read-back body excerpt: {readback[:200]!r}"
+            )
+        finally:
+            browser.close()