Specify the declarative theme-token schema and per-scope CSS isolation, plus the isolated user-content domain (registration + PSL) for the raw-HTML tier.
Why this matters
Entry 027 decides the shape (declarative cascade on the main origin; raw HTML on an isolated origin), and Entry 037 fixes the theme execution boundary: a theme is validated design tokens + a checked asset bundle — never arbitrary CSS or JS, distributed through a marketplace over that safe substrate. This entry specifies the remaining mechanics:
- Theme-token schema — the CSS custom properties exposed at each cascade rung (network / franchise / community), and the allowlisted asset types (backgrounds, wordmarks, fonts).
- Scope isolation — how a franchise or community theme is confined to its subtree (e.g. data-attribute scoping or shadow DOM) so it cannot bleed into canon pages or other communities, and never overlays the network chrome.
- Isolated user-content domain — selecting the separate registrable domain for the raw-HTML tier (per-user subdomain), submitting it to the Public Suffix List, and the CSP / sandbox posture there.
- Uploaded files — the cookieless usercontent origin for avatars and attachments, with sanitized content-types.
- Abuse and performance limits — payload sizes, script/network limits in the sandbox, and review/takedown hooks.
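
A sketch of how the token-schema and scope-isolation items could fit together, added here as an illustration and not taken from the project's code: theme input is checked against an allowlist of custom properties per cascade rung, then emitted under a data-attribute selector for its subtree. The token names, value grammars, the `data-theme-scope` attribute and the `compileTheme` function are all assumptions.

```javascript
// Added illustration: token names, value grammars and the data-theme-scope
// attribute are assumptions, not the project's schema.
const RUNGS = ["network", "franchise", "community"];
const TOKEN_SCHEMA = new Map([
  ["--theme-accent",  { type: "color",  rungs: RUNGS }],
  ["--theme-surface", { type: "color",  rungs: RUNGS }],
  ["--theme-radius",  { type: "length", rungs: ["network", "franchise"] }],
]);
// Closed grammars: nothing that could end a declaration or open url()/var().
const VALUE_GRAMMAR = {
  color: /^#(?:[0-9a-f]{3}|[0-9a-f]{6})$/i,
  length: /^(?:0|\d{1,3}(?:\.\d{1,2})?(?:px|rem))$/,
};
const SCOPE_ID = /^[a-z0-9-]{1,64}$/;

function compileTheme(rung, scopeId, tokens) {
  if (!RUNGS.includes(rung)) throw new Error(`unknown rung: ${rung}`);
  if (rung !== "network" && !SCOPE_ID.test(String(scopeId))) {
    throw new Error("scope id must match [a-z0-9-]{1,64}");
  }
  const decls = [];
  for (const [name, value] of Object.entries(tokens)) {
    const spec = TOKEN_SCHEMA.get(name);
    if (!spec) throw new Error(`token not in schema: ${name}`);
    if (!spec.rungs.includes(rung)) throw new Error(`${name} not settable at ${rung}`);
    if (typeof value !== "string" || !VALUE_GRAMMAR[spec.type].test(value)) {
      throw new Error(`value rejected for ${name}`);
    }
    decls.push(`${name}: ${value}`);
  }
  // Custom properties inherit downward only, so a theme set on its scope root
  // cannot reach sibling communities or chrome rendered outside that subtree.
  const selector = rung === "network" ? ":root" : `[data-theme-scope="${rung}:${scopeId}"]`;
  return `${selector} { ${decls.join("; ")} }`;
}
```

Because the author never supplies a selector or a raw declaration, only a value that must match a closed grammar, there is no CSS text to sanitize after the fact.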