Abstract
This document discloses, as enabling public prior art, a content-management mechanism that layers a database-backed content overlay on top of an immutable set of static assets baked into a container image. A single GET-only "serve-override" resolver, keyed on the tuple (slug, locale, audience), returns a published database row when one exists and otherwise falls through to the baked file. The image is the read-only floor; the running pod is never written at request time. Two structural properties are central. First, a reserved-slug set — authentication, session, and OAuth callback paths — is never overridable, so security-critical routes always execute baked, reviewed code regardless of database state. Second, and the principal contribution, a per-row provenance enumeration (adminui, externalapi, aiagent, migration) selects the response security tier at serve time: untrusted provenances are sanitized at write into a separate served column and are served under a strict Content-Security-Policy (CSP), whereas byte-trusted migrated rows serve like the baked originals with no added CSP. Large-language-model (LLM) authorship is a first-class provenance tier, structurally forced — through a mandatory tool call — into the sanitize-on-write draft path, so machine-authored HTML can never bypass sanitization. Writes are transactional and paired with an append-only version audit enabling instant rollback. When the feature flag is off, behavior degrades to pure baked-file serving. The mechanism was engineered specifically against a documented failure class in which container-file overlays silently shadow rebuilt image bytes.
Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 License.
Recommended Citation
Assuncao, gustavo matthew, "Provenance-Tiered Database Serve-Override CMS over Immutable Container Assets", Technical Disclosure Commons, ()
https://www.tdcommons.org/dpubs_series/10938