# ZeroPress Preview Data Spec v0.6
> Status: Active (current preview-data contract)
This is the long-form contract document for preview-data v0.6. For day-to-day schema review, generated output QA, and quick field lookup, start with the [Preview Data Reference](../reference/preview-data/index.md) and the [Preview Data v0.6 Schema](https://schemas.zeropress.dev/preview-data/v0.6/schema.json).
## 0. Core Philosophy
- Preview-data is the canonical theme-facing content payload.
- Preview-data is data-only and does not contain render-ready application behavior.
- Themes consume preview-data; build tooling is responsible for rendering and file emission.
- Preview-data must be safe to validate independently of CMS or build implementation details.
## 1. Scope
Preview-data v0.6 defines the public payload contract used by ZeroPress build and preview tooling.
In scope:
- Top-level preview-data payload structure
- Site metadata exposed to themes
- Content collections for authors, posts, pages, categories, and tags
- Optional enabled menus keyed by `menu_id`
- Optional enabled widget areas keyed by `widget_area_id`
- Optional named collections keyed by collection id
- Optional site permalink policy
- Optional front page and post index policy
- Optional nested page path overrides
- Optional trusted site customization fields
- Contract-level safety rules for slug and route-related values
Out of scope:
- CMS authoring workflows
- Database schema or admin API request formats
- Theme manifest rules (`theme.json`)
- Host-specific request resolution beyond the emitted static files
## 2. Top-Level Contract
Preview-data v0.6 is a JSON object with the following required top-level fields:
- `version`
- `generator`
- `generated_at`
- `site`
- `content`
Key points:
- `version` must be `"0.6"`.
- `generated_at` is a UTC date-time string.
- `content` is data-only and does not include pre-rendered archive/category/tag route arrays.
- `menus` is optional and keyed by enabled `menu_id` values when present.
- `widgets` is optional and keyed by enabled `widget_area_id` values when present.
- `collections` is optional and keyed by collection id values when present.
- `custom_css` and `custom_html` are optional site customization fields.
The machine-readable schema is:
- [Preview Data v0.6 Schema](https://schemas.zeropress.dev/preview-data/v0.6/schema.json)
## 3. Content Model
### 3.1 `site`
`site` contains theme-facing site metadata such as:
- `title`
- `description`
- `url`
- `media_base_url`
- `media_delivery_mode`
- `favicon`
- `logo`
- `expose_generator`
- `search`
- `locale`
- `posts_per_page`
- `datetime_display`
- `date_style`
- `time_style`
- `timezone`
- `disallow_comments`
- `indexing`
- `permalinks`
- `front_page`
- `post_index`
- `footer`
- `meta`
`site` is a closed object in v0.6. Generator-defined site-level extension values belong under `site.meta`.
`site.media_delivery_mode` is optional and defaults to `"none"`. Supported values are:
| Value | Meaning |
| --- | --- |
| `none` | Preserve media URLs and do not derive responsive variant URLs |
| `media_domain` | Treat `site.media_base_url` as a ZeroPress media host and allow build tooling to derive variant URLs for managed raster media |
`site.favicon` is optional site-level HTML head metadata. It does not replace public file passthrough. Favicon values use the same media URL normalization as other media fields: absolute URLs are preserved, relative/root-relative values are resolved against `site.media_base_url` when it is non-empty, and relative/root-relative values are preserved when `site.media_base_url` is empty:
```json
{
"favicon": {
"icon": "/favicon.ico",
"svg": "/favicon.svg",
"png": "/favicon.png",
"apple_touch_icon": "/apple-touch-icon.png"
}
}
```
Build wrappers may auto-discover root-level public files such as `favicon.ico`, `favicon.svg`, `favicon.png`, and `apple-touch-icon.png` when `site.favicon` is omitted. Explicit `site.favicon` values take priority over auto-discovered public files. Auto-discovered public favicon fallback values remain public-root paths.
`site.logo` is optional site identity data for theme rendering. Logo `src` uses the same media URL normalization as other media fields:
```json
{
"logo": {
"src": "/logo.svg",
"alt": "Example Docs"
}
}
```
Use a root-relative public path for site-owned logo files, or a media-host-relative path when `site.media_base_url` points at a media host. Themes may fall back to `site.title` when `alt` is omitted. Prefer this first-class field over ad hoc keys such as `site.meta.logo_url`.
`site.expose_generator` is optional site-level HTML metadata policy. Missing or `true` means generated HTML pages include:
```html
```
Set `site.expose_generator` to `false` for white-label sites or when the site owner does not want to expose the generator in page metadata. This field is separate from footer attribution, which is visible theme UI.
`site.search` is an optional native static search preference. Missing or `true` allows ZeroPress native search when the active theme declares `features.search: true`. `false` disables native search artifacts and exposes `site.search: false` to templates so themes can hide search UI:
```json
{
"site": {
"search": false
}
}
```
This field does not affect sitemap, feed, robots.txt, or route generation.
`site.datetime_display` is a required theme-facing datetime display preference:
| Value | Meaning |
| --- | --- |
| `static` | Themes should normally render build-generated fallback strings such as `post.published_at` |
| `client` | Themes may progressively enhance `` |
`custom_html` is trusted raw HTML. ZeroPress does not sanitize, escape, validate tag safety, or block closing tags inside `content`. It is intended for admin-authorized or trusted generator input such as analytics snippets, verification tags, external scripts, and site-owned `public/` vendor scripts.
Themes may also expose partial-based integration points such as `{{partial:tracker}}`. The distinction is:
- partials are theme/site template integration points
- `custom_html` is preview-data driven site/admin customization
## 4. Slug Contract
In preview-data v0.6, every content `slug` is defined as a safe single URL path segment.
This applies to:
- `content.posts[].slug`
- `content.pages[].slug`
- `content.categories[].slug`
- `content.tags[].slug`
- `content.posts[].category_slugs[]`
- `content.posts[].tag_slugs[]`
### 4.1 Allowed
- Unicode characters, including Hangul
- Letters and digits from any supported script
- Internal punctuation that does not create path ambiguity and is accepted by the schema/runtime validators
### 4.2 Forbidden
- Empty or whitespace-only values
- Path separators: `/` and `\`
- Reserved dot segments: `.` and `..`
- Percent-encoded slug segments
- ASCII control characters, including NUL
### 4.3 Security Intent
These rules exist to ensure that a preview-data slug cannot be misinterpreted as:
- a multi-segment route
- a parent-directory traversal sequence
- an encoded path-escape sequence
- an ambiguous filesystem output path
Preview-data must remain safe even when produced or consumed by tooling outside the main CMS.
## 5. Permalink Contract
Preview-data v0.6 may include `site.permalinks` to define build-time public URLs and static output paths.
Default policy:
```json
{
"output_style": "directory",
"posts": "/posts/:slug/",
"pages": "/:slug/",
"categories": "/categories/:slug/",
"tags": "/tags/:slug/"
}
```
Supported `output_style` values:
| Value | Public URL | Output path |
| --- | --- | --- |
| `directory` | `/path/foo/` | `path/foo/index.html` |
| `html-extension` | `/path/foo` | `path/foo.html` |
The site root always outputs `index.html`.
Supported tokens:
| Collection | Tokens |
| --- | --- |
| posts | `:slug`, `:public_id`, `:year`, `:month`, `:day` |
| pages | `:slug` |
| categories | `:slug` |
| tags | `:slug` |
Token rules:
- Tokens must occupy a full path segment, such as `/posts/:public_id/`.
- Unknown tokens are contract-invalid.
- Post patterns must include `:slug` or `:public_id`.
- Page, category, and tag patterns must include `:slug`.
- Post date tokens are derived from `published_at_iso` using `site.timezone`.
- `:month` and `:day` are zero-padded.
- Literal `.html` permalink patterns are not part of v0.6.
Examples:
```json
{
"permalinks": {
"output_style": "html-extension",
"posts": "/posts/:public_id",
"pages": "/:slug/",
"categories": "/categories/:slug/",
"tags": "/tags/:slug/"
}
}
```
This creates public post URLs such as `/posts/123` and output files such as `posts/123.html`.
Pages may override the page permalink pattern with `path`:
```json
{
"title": "Preview Data v0.6",
"slug": "preview-data-v0.6",
"path": "spec/preview-data-v0.6"
}
```
With `html-extension`, this page has public URL `/spec/preview-data-v0.6` and output file `spec/preview-data-v0.6.html`.
For source-tree style docs, `index` can be used in the page path:
```json
{
"title": "CLI Tools",
"slug": "cli",
"path": "cli/index"
}
```
With `html-extension`, this page has public URL `/cli/` and output file `cli/index.html`. A sibling page such as `path: "cli/zeropress-theme"` has public URL `/cli/zeropress-theme` and output file `cli/zeropress-theme.html`.
`path` is relative, has no leading or trailing slash, has no empty segment, and each segment follows the slug segment safety policy.
ZeroPress does not emit extensionless files. For `html-extension`, static hosts may resolve `/path/foo` to `path/foo.html` without changing the URL.
## 6. Front Page And Post Index Contract
Preview-data v0.6 may define which content owns the site root and whether a post index is emitted.
Default policy:
```json
{
"front_page": { "type": "theme_index" },
"post_index": {
"enabled": true,
"path": "/",
"paginate": true
}
}
```
Supported `front_page.type` values:
| Value | Behavior |
| --- | --- |
| `theme_index` | Render `theme/index.html` at `/` |
| `page` | Render the page identified by `page_slug` at `/` |
| `standalone_html` | Write trusted full HTML from `html` directly to `/index.html` |
For `front_page.type: "page"`, `page_slug` is required. The selected page is rendered at `/`, and its normal page route is not emitted. For example, if the selected page would normally render at `/home/`, only `/` is generated for that page. Sitemap, canonical, and OpenGraph URL use `/`.
For `front_page.type: "standalone_html"`, `html` must be a non-empty string. The value is trusted raw full HTML. Theme layout, theme asset rewriting, `custom_css`, and `custom_html` injection are not applied to this root file.
`post_index` controls the post list route rendered with `theme/index.html`.
| Field | Default | Meaning |
| --- | --- | --- |
| `enabled` | `true` | Whether to emit the post index route |
| `path` | `/` | Absolute public route for the post index |
| `paginate` | `true` | Whether to emit page 2+ routes |
`post_index.path` must be `/` or a safe absolute route path such as `/blog/`. It cannot include `.html`, query strings, hash fragments, empty segments, or unsafe path segments.
Post index behavior:
- `enabled: false` means page 1 and page 2+ routes are not emitted. If `path` or `paginate` are present, validators still check their type and format.
- `enabled: true` with `paginate: false` emits only page 1. `posts.items[]` contains at most `site.posts_per_page` posts and `pagination.enabled` is `false`.
- `enabled: true` with `paginate: true` emits page 1 and page 2+ routes when needed.
Theme capability can disable the post index. If `theme.json` sets `features.post_index: false`, build treats the post index as effectively disabled even when preview-data requests it. This is a theme capability hint, not a preview-data validation error.
If `front_page.type` is not `theme_index`, an enabled post index cannot also use `/`; configure a separate `post_index.path`, such as `/blog/`, or disable the post index.
## 7. URL-Like Fields vs Slugs
Slug fields and URL-like fields have different roles.
- Slugs are safe single path segments.
- URL-like fields such as `featured_image`, `avatar`, or menu item `url` may represent either absolute URLs or safe relative paths, depending on the field contract.
Media fields such as `featured_image` and author `avatar` are normalized by the renderer:
- absolute URLs are preserved after protocol validation
- relative or root-relative paths are resolved against `site.media_base_url` when `media_base_url` is non-empty
- relative or root-relative paths are preserved as written when `site.media_base_url` is empty
Generated SEO fields such as `og:image` are emitted only when the resolved media value is absolute. Set `site.media_base_url` when relative media should also appear in social preview metadata.
Managed media registry matching is exact after renderer media normalization. `content.media[]` does not replace existing media string fields. The original fields remain available as-is. When ZeroPress can match a normalized media string to a registry entry, build tooling exposes a derived companion object:
- posts receive `post.featured_media`
- pages receive `page.featured_media`
- post authors receive `post.author.avatar_media`
The derived object has:
```js
{ src, width, height, alt, srcset }
```
`srcset` is generated only when all of these are true:
- `site.media_delivery_mode` is `"media_domain"`
- `site.media_base_url` is non-empty
- the matched media URL is under `site.media_base_url`
- the media source is a raster image path such as `.jpg`, `.jpeg`, `.png`, `.webp`, or `.avif`
Responsive candidates are clipped to the original image width. Variant URLs use `w=