diff --git a/nyxt.asd b/nyxt.asd
index b8e59bf6919..d3d129525cf 100644
--- a/nyxt.asd
+++ b/nyxt.asd
@@ -363,7 +363,7 @@
   :components ((:file "renderer-package")
                (:file "renderer-offline/set-url")
                (:file "renderer-offline/execute-command-eval")
-               (:file "renderer-offline/nyxt-url-security")
+               (:file "renderer-offline/custom-schemes")
                (:file "renderer-offline/search-buffer")
                ;; See https://github.com/atlas-engineer/nyxt/issues/3172
                ;; (:file "renderer-online/set-url")
diff --git a/source/changelog.lisp b/source/changelog.lisp
index 80de7efcfba..80686f70962 100644
--- a/source/changelog.lisp
+++ b/source/changelog.lisp
@@ -27,7 +27,7 @@
 
 (define-version "4.0.0"
   (:ul
-   (:li "Refactor lisp schemes URLs API.")
+   (:li "Refactor custom schemes URLs API.")
    (:li "Deprecate slot " (:code "status-buffer-position") "in favour of"
         (:nxref :slot 'placement :class-name 'status-buffer) ".")
    (:li "Deprecate slot " (:code "prompt-buffer-open-height") " since "
diff --git a/source/foreign-interface.lisp b/source/foreign-interface.lisp
index cdb2b1c6767..8897503e6cc 100644
--- a/source/foreign-interface.lisp
+++ b/source/foreign-interface.lisp
@@ -123,6 +123,10 @@ When URL is non-nil, relative URLs are resolved against it.")
 Like `ffi-buffer-load-html', except that it doesn't influence the BUFFER history
 or CSS/HTML cache.")
 
+(define-ffi-generic ffi-register-custom-scheme (scheme)
+  "Register internal custom SCHEME.
+See `scheme'.")
+
 (define-ffi-generic ffi-buffer-evaluate-javascript (buffer javascript &optional world-name)
   "Evaluate JAVASCRIPT, encoded as a string, in BUFFER.")
 (define-ffi-generic ffi-buffer-evaluate-javascript-async (buffer javascript &optional world-name)
diff --git a/source/manual.lisp b/source/manual.lisp
index 0da5c7fd9a3..5ce3978170d 100644
--- a/source/manual.lisp
+++ b/source/manual.lisp
@@ -382,39 +382,18 @@ Nyxt provides. For example, one can use the "
             "Bookmark Link")))
 
       (:nsection :title "Custom URL schemes"
-        (:p "If there's a scheme that Nyxt doesn't support, but you want it to, you can
-always define the handler for this scheme so that it's Nyxt-openable.")
-        (:p "As a totally hypothetical example, you can define a nonsense scheme "
-            (:code "bleep") " to generate a page with random text:")
+        (:p "Nyxt can register custom schemes that run a handler on URL load.")
+        (:p "The example below defines a scheme " (:code "hello") " that replies
+            accordingly when loading URLs " (:code "hello:world") " and "
+            (:code "hello:mars") ".")
         (:ncode
-          '(define-internal-scheme "bleep"
-            (lambda (url buffer)
-              (values
-               (spinneret:with-html-string
-                 (:h1 "Bleep bloop?")
-                 (:p (loop repeat (parse-integer (quri:uri-path (url url)) :junk-allowed t)
-                           collect (:li (elt '("bleep" "bloop") (random 2))))))
-               "text/html;charset=utf8"))
-            :local-p t))
-        (:p "What this piece of code does is")
-        (:ul
-         (:li "Define a new scheme.")
-         (:li "Make a handler for it that takes the URL (as a string) and a buffer it's being
-opened in.")
-         (:li "Read the path (the part after the bleep:) of the URL and interpret it as a number.")
-         (:ul
-          (:li "(Note that you need to wrap the URL into a " (:nxref :function 'url)
-               " call so that it turns into a " (:nxref :class-name 'quri:uri)
-               " for the convenience of path (and other elements) fetching.)"))
-         (:li "Generate a random list of \"bleep\" and \"bloop\".")
-         (:li "Return it as a " (:code "text/html") " content."))
-        (:p "The next time you run Nyxt and open " (:code "bleep:20")
-            ", you'll see a list of twenty bleeps and bloops.")
-        (:p "Internal schemes can return any type of content (both strings and arrays of
-bytes are recognized), and they are capable of being "
-            (:nxref :class-name 'scheme :slot 'cors-enabled-p "CORS-enabled")
-            ", " (:nxref :class-name 'scheme :slot 'local-p "protected")
-            ", and are in general capable of whatever the renderer-provided schemes do.")
+          '(define-internal-scheme "hello"
+            (lambda (url)
+              (if (string= (quri:uri-path (url url)) "world")
+                  (spinneret:with-html-string (:p "Hello, World!"))
+                  (spinneret:with-html-string (:p "Please instruct me on how to greet you!"))))))
+        (:p "Note that scheme privileges, such as enabling the Fetch API or
+enabling CORS requests are renderer-specific.")
 
         (:nsection :title "nyxt: URLs and internal pages"
           (:p "You can create pages out of Lisp commands, and make arbitrary computations for
diff --git a/source/mode/document.lisp b/source/mode/document.lisp
index b7a04171aca..599c65345a5 100644
--- a/source/mode/document.lisp
+++ b/source/mode/document.lisp
@@ -267,12 +267,9 @@ Otherwise, create a dummy buffer with URL to get its source."
         (ffi-buffer-delete buffer)))))
 
 (define-internal-scheme "view-source"
-  (lambda (url buffer)
-    (declare (ignore buffer))
-    (values
-     (get-url-source (quri:url-decode (quri:uri-path (quri:uri url))))
-     "text/plain"))
-  :no-access-p t)
+    (lambda (url)
+      (values (get-url-source (quri:url-decode (quri:uri-path (quri:uri url))))
+              "text/plain")))
 
 (define-command-global view-source (&key (url (url (current-buffer))))
   "View source of the URL (by default current page) in a separate buffer."
diff --git a/source/mode/editor.lisp b/source/mode/editor.lisp
index 783f8182a8a..7214d1c39c3 100644
--- a/source/mode/editor.lisp
+++ b/source/mode/editor.lisp
@@ -92,8 +92,8 @@ See `describe-class editor-mode' for details."))
   (uiop:parse-native-namestring (quri:uri-path (url buffer))))
 
 (define-internal-scheme "editor"
-    (lambda (url buffer)
-      (markup (find-submode 'editor-mode buffer)
+    (lambda (url)
+      (markup (find-submode 'editor-mode)
               (uiop:read-file-string (quri:uri-path (quri:uri url))))))
 
 (defmethod editor ((editor-buffer editor-buffer))
@@ -157,3 +157,6 @@ BUFFER is of type `editor-buffer'."
                             (prompt1 :prompt "Edit user file"
                                      :sources 'nyxt::user-file-source)))))
   (edit-file file-path))
+
+(define-auto-rule '(match-scheme "editor")
+  :included '(nyxt/mode/editor:editor-mode))
diff --git a/source/mode/plaintext-editor.lisp b/source/mode/plaintext-editor.lisp
index 5a276e334fe..6db65197c29 100644
--- a/source/mode/plaintext-editor.lisp
+++ b/source/mode/plaintext-editor.lisp
@@ -9,7 +9,6 @@
 It renders the file in a single textarea HTML element.  Enabled by default for
 `editor-buffer's."
   ((visible-in-status-p nil)
-   (rememberable-p nil)
    (style (theme:themed-css (theme *browser*)
             `("body"
               :margin 0)
@@ -44,3 +43,6 @@ It renders the file in a single textarea HTML element.  Enabled by default for
 (defmethod get-content ((editor plaintext-editor-mode))
   (ps-eval :buffer (buffer editor)
     (ps:chain (nyxt/ps:qs document "#editor") value)))
+
+(define-auto-rule '(match-scheme "editor")
+  :included '(nyxt/mode/editor:plaintext-editor-mode))
diff --git a/source/mode/small-web.lisp b/source/mode/small-web.lisp
index c99f8d0febc..a7e573a9289 100644
--- a/source/mode/small-web.lisp
+++ b/source/mode/small-web.lisp
@@ -35,9 +35,9 @@ Gemini support is a bit more brittle, but you can override `line->html' for
    (url :documentation "The URL being opened.")
    (model :documentation "The contents of the current page.")
    (redirections nil :documentation "The list of redirection Gemini URLs.")
-   (allowed-redirections-count
+   (max-redirections
     5
-    :documentation "The number of redirections that Gemini resources are allowed to make.")
+    :documentation "The maximum number of times a redirection is attempted.")
    (style (theme:themed-css (nyxt::theme *browser*)
             `(body
               :background-color ,theme:background)
@@ -187,22 +187,19 @@ Implies that `small-web-mode' is enabled."))
 (defmethod gopher-render ((line cl-gopher:gif)) (render-binary-content line "image/gif"))
 (defmethod gopher-render ((line cl-gopher:png)) (render-binary-content line "image/png"))
 
-;; TODO: :display-isolated-p? Gopher's behavior implies inability to embed it
-;; into pages of the bigger Web, which is exactly what display-isolated means.
 (define-internal-scheme "gopher"
-    (lambda (url buffer)
+    (lambda (url)
       (handler-case
-          (let* ((line (if (uiop:emptyp (quri:uri-path (quri:uri url)))
-                           (buffer-load (str:concat url "/") :buffer buffer)
-                           (cl-gopher:parse-gopher-uri url))))
+          (let ((line (if (uiop:emptyp (quri:uri-path (quri:uri url)))
+                          (buffer-load (str:concat url "/"))
+                          (cl-gopher:parse-gopher-uri url))))
             (if (and (typep line 'cl-gopher:search-line)
                      (uiop:emptyp (cl-gopher:terms line)))
                 (progn (setf (cl-gopher:terms line)
                              (prompt1 :prompt (format nil "Search query for ~a" url)
                                       :sources 'prompter:raw-source))
-                       (buffer-load (cl-gopher:uri-for-gopher-line line) :buffer buffer))
-                (with-current-buffer buffer
-                  (gopher-render line))))
+                       (buffer-load (cl-gopher:uri-for-gopher-line line)))
+                (with-current-buffer (current-buffer) (gopher-render line))))
         (cl-gopher:bad-submenu-error ()
           (error-help (format nil "Malformed line at ~s" url)
                       (format nil "One of the lines on this page has an improper format.
@@ -266,7 +263,7 @@ Please, check URL correctness and try again.")))
     (:br)))
 
 (export-always 'gemtext-render)
-(defun gemtext-render (gemtext buffer)
+(defun gemtext-render (gemtext &optional (buffer (current-buffer)))
   "Renders the Gemtext (Gemini markup format) to HTML.
 
 Implies that `small-web-mode' is enabled."
@@ -282,46 +279,46 @@ Implies that `small-web-mode' is enabled."
                     collect (:raw (nyxt/mode/small-web:line->html element))))
             "text/html;charset=utf8")))
 
-;; TODO: :secure-p t? Gemini is encrypted, so it can be considered secure.
 (define-internal-scheme "gemini"
-    (lambda (url buffer)
+    (lambda (url)
       (handler-case
           (sera:mvlet* ((status meta body (gemini:request url)))
             (unless (member status '(:redirect :permanent-redirect))
-              (setf (nyxt/mode/small-web:redirections (find-submode 'small-web-mode)) nil))
-            (case status
-              ((:input :sensitive-input)
-               (let ((text (quri:url-encode
-                            (handler-case
-                                (prompt1 :prompt meta
-                                         :sources 'prompter:raw-source
-                                         :invisible-input-p (eq status :sensitive-input))
-                              (nyxt::prompt-buffer-canceled () "")))))
-                 (buffer-load (str:concat url "?" text) :buffer buffer)))
-              (:success
-               (if (str:starts-with-p "text/gemini" meta)
-                   (gemtext-render body buffer)
-                   (values body meta)))
-              ((:redirect :permanent-redirect)
-               (push url (nyxt/mode/small-web:redirections (find-submode 'small-web-mode)))
-               (if (< (length (nyxt/mode/small-web:redirections (find-submode 'small-web-mode)))
-                      (nyxt/mode/small-web:allowed-redirections-count (find-submode 'small-web-mode)))
-                   (buffer-load (quri:merge-uris (quri:uri meta) (quri:uri url)) :buffer buffer)
-                   (error-help
-                    "Error"
-                    (format nil "The server has caused too many (~a+) redirections.~& ~a~{ -> ~a~}"
-                            (nyxt/mode/small-web:allowed-redirections-count (find-submode 'small-web-mode))
-                            (alex:lastcar (nyxt/mode/small-web:redirections (find-submode 'small-web-mode)))
-                            (butlast (nyxt/mode/small-web:redirections (find-submode 'small-web-mode)))))))
-              ((:temporary-failure :server-unavailable :cgi-error :proxy-error
-                :permanent-failure :not-found :gone :proxy-request-refused :bad-request)
-               (error-help "Error" meta))
-              (:slow-down
-               (error-help
-                "Slow down error"
-                (format nil "Try reloading the page in ~a seconds." meta)))
-              ((:client-certificate-required :certificate-not-authorised :certificate-not-valid)
-               (error-help "Certificate error" meta))))
+                (setf (nyxt/mode/small-web:redirections (find-submode 'small-web-mode)) nil))
+              (case status
+                ((:input :sensitive-input)
+                 (let ((text (quri:url-encode
+                              (handler-case
+                                  (prompt1 :prompt meta
+                                           :sources 'prompter:raw-source
+                                           :invisible-input-p (eq status :sensitive-input))
+                                (nyxt::prompt-buffer-canceled () "")))))
+                   (buffer-load (str:concat url "?" text))
+                   nil))
+                (:success
+                 (if (str:starts-with-p "text/gemini" meta)
+                     (gemtext-render body)
+                     (values body meta)))
+                ((:redirect :permanent-redirect)
+                 (push url (nyxt/mode/small-web:redirections (find-submode 'small-web-mode)))
+                 (if (< (length (nyxt/mode/small-web:redirections (find-submode 'small-web-mode)))
+                        (nyxt/mode/small-web:max-redirections (find-submode 'small-web-mode)))
+                     (progn (buffer-load (quri:merge-uris (quri:uri meta) (quri:uri url))) nil)
+                     (error-help
+                      "Error"
+                      (format nil "The server has caused too many (~a+) redirections.~& ~a~{ -> ~a~}"
+                              (nyxt/mode/small-web:max-redirections (find-submode 'small-web-mode))
+                              (alex:lastcar (nyxt/mode/small-web:redirections (find-submode 'small-web-mode)))
+                              (butlast (nyxt/mode/small-web:redirections (find-submode 'small-web-mode)))))))
+                ((:temporary-failure :server-unavailable :cgi-error :proxy-error
+                  :permanent-failure :not-found :gone :proxy-request-refused :bad-request)
+                 (error-help "Error" meta))
+                (:slow-down
+                 (error-help
+                  "Slow down error"
+                  (format nil "Try reloading the page in ~a seconds." meta)))
+                ((:client-certificate-required :certificate-not-authorised :certificate-not-valid)
+                 (error-help "Certificate error" meta))))
         (gemini::malformed-response (e)
           (error-help
            "Malformed response"
diff --git a/source/renderer-script.lisp b/source/renderer-script.lisp
index b457be9c272..09c076c3283 100644
--- a/source/renderer-script.lisp
+++ b/source/renderer-script.lisp
@@ -203,10 +203,7 @@ Overwrites the whole HTML document (head and body elements included)."
 (export-always 'match-internal-page)
 (defun match-internal-page (symbol)
   "Return a predicate for URL designators matching the page of SYMBOL name."
-  #'(lambda (url)
-      (and (str:starts-with-p "nyxt:" (render-url url))
-           (eq (parse-nyxt-url url)
-               symbol))))
+  #'(lambda (url) (eq (internal-page-name url) symbol)))
 
 (define-class internal-page (command)
   ((dynamic-title ; Not `title' so that it does not clash with other `title' methods.
@@ -333,11 +330,6 @@ See `find-internal-page-buffer'."))
       (t
        (format nil "*~a*" (string-downcase (name page)))))))
 
-(defun internal-page-name (url)
-  (when (string= "nyxt" (quri:uri-scheme url))
-    (uiop:safe-read-from-string
-     (str:upcase (quri:uri-path url)) :package :nyxt)))
-
 ;; (-> find-internal-page-buffer (internal-page-symbol) (maybe buffer))
 (defun find-internal-page-buffer (name) ; TODO: Test if CCL can catch bad calls at compile-time.
   "Return first buffer which URL is a NAME `internal-page'."
@@ -345,10 +337,7 @@ See `find-internal-page-buffer'."))
 
 (defun find-url-internal-page (url)
   "Return the `internal-page' to which URL corresponds."
-  (and (equal "nyxt" (quri:uri-scheme url))
-       (gethash
-        (internal-page-name url)
-        *nyxt-url-commands*)))
+  (gethash (internal-page-name url) *nyxt-url-commands*))
 
 (export-always 'buffer-load-internal-page-focus)
 (defun buffer-load-internal-page-focus (name &rest args)
diff --git a/source/renderer/gtk.lisp b/source/renderer/gtk.lisp
index 6d17812ef94..dfe431cb9b7 100644
--- a/source/renderer/gtk.lisp
+++ b/source/renderer/gtk.lisp
@@ -810,11 +810,109 @@ See `gtk-browser's `modifier-translator' slot."
       (funcall (input-dispatcher window) event sender window))))
 
 (define-class gtk-scheme ()
-  ()
+  ((context
+    nil
+    :writer nil
+    :reader t
+    :documentation "See `webkit-web-context'.")
+   (local-p
+    nil
+    :writer nil
+    :reader t
+    :documentation "Whether pages of other URI schemes cannot access URIs of
+this scheme.")
+   (no-access-p
+    nil
+    :writer nil
+    :reader t
+    :documentation "Whether pages of this URI scheme cannot access other URI schemes.")
+   (secure-p
+    nil
+    :writer nil
+    :reader t
+    :documentation "Whether mixed content warnings aren't generated for this
+scheme when included by an HTTPS page.
+
+See https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_content.")
+   (cors-enabled-p
+    nil
+    :writer nil
+    :reader t
+    :documentation "Whether CORS requests are allowed.")
+   (display-isolated-p
+    nil
+    :writer nil
+    :reader t
+    :documentation "Whether pages cannot display URIs unless they are from the
+same scheme.
+For example, pages in another origin cannot create iframes or hyperlinks to URIs
+with this scheme.")
+   (empty-document-p
+    nil
+    :writer nil
+    :reader t
+    :documentation "Whether pages are allowed to be loaded synchronously."))
   (:export-class-name-p t)
   (:export-accessor-names-p t)
   (:documentation "Related to WebKit's custom schemes."))
 
+(defmethod manager ((scheme gtk-scheme))
+  (webkit:webkit-web-context-get-security-manager (context scheme)))
+
+(defmethod (setf local-p) (value (scheme gtk-scheme))
+  (when value
+    (webkit:webkit-security-manager-register-uri-scheme-as-local (manager scheme)
+                                                                 (name scheme)))
+  (setf (slot-value scheme 'local-p) value))
+
+(defmethod (setf no-access-p) (value (scheme gtk-scheme))
+  (when value
+    (webkit:webkit-security-manager-register-uri-scheme-as-no-access (manager scheme)
+                                                                     (name scheme)))
+  (setf (slot-value scheme 'no-access-p) value))
+
+(defmethod (setf secure-p) (value (scheme gtk-scheme))
+  (when value
+    (webkit:webkit-security-manager-register-uri-scheme-as-secure (manager scheme)
+                                                                  (name scheme)))
+  (setf (slot-value scheme 'secure-p) value))
+
+(defmethod (setf cors-enabled-p) (value (scheme gtk-scheme))
+  (when value
+    (webkit:webkit-security-manager-register-uri-scheme-as-cors-enabled (manager scheme)
+                                                                        (name scheme)))
+  (setf (slot-value scheme 'cors-enabled-p) value))
+
+(defmethod (setf display-isolated-p) (value (scheme gtk-scheme))
+  (when value
+    (webkit:webkit-security-manager-register-uri-scheme-as-display-isolated (manager scheme)
+                                                                            (name scheme)))
+  (setf (slot-value scheme 'display-isolated-p) value))
+
+(defmethod (setf empty-document-p) (value (scheme gtk-scheme))
+  (when value
+    (webkit:webkit-security-manager-register-uri-scheme-as-empty-document (manager scheme)
+                                                                          (name scheme)))
+  (setf (slot-value scheme 'empty-document-p) value))
+
+(defmethod initialize-instance :after ((scheme gtk-scheme) &key)
+  ;; NOTE: No security settings for the nyxt scheme since:
+  ;; - :local-p makes it inaccessible from other schemes.
+  ;; - :display-isolated-p does not allow embedding a nyxt scheme page inside a
+  ;;   page of the same scheme.
+  ;; - :secure-p and :cors-enabled-p are too permissive for a scheme that allows
+  ;;   evaluating Lisp code.
+  ;; Therefore, no settings provide the best configuration so that:
+  ;; - <iframe> embedding and exploitation are impossible.
+  ;; - Redirection—both as window.location.(href|assign|replace) and
+  ;;   HTTP status code 301—works.
+  ;; - nyxt scheme pages are linkable from pages of other schemes.
+  (match (name scheme)
+    ("nyxt-resource" (setf (secure-p scheme) t))
+    ("lisp" (setf (cors-enabled-p scheme) t))
+    ("view-source" (setf (no-access-p scheme) t))
+    (_ t)))
+
 ;; From https://github.com/umpirsky/language-list/tree/master/data directory
 ;; listing $(ls /data) and processed with:
 ;; (defun iso-languages (languages-file-string)
@@ -884,6 +982,17 @@ See `gtk-browser's `modifier-translator' slot."
      pointer)
     (cffi:foreign-free pointer)))
 
+(defmethod ffi-register-custom-scheme ((scheme gtk-scheme))
+  ;; FIXME If a define-internal-scheme is updated at runtime, it is not honored.
+  (webkit:webkit-web-context-register-uri-scheme-callback
+   (context scheme)
+   (name scheme)
+   (lambda (request)
+     (funcall* (callback scheme)
+               (webkit:webkit-uri-scheme-request-get-uri request)))
+   (or (error-callback scheme)
+       (lambda (c) (echo-warning "Error while routing ~s resource: ~a" scheme c)))))
+
 (defun make-context (name &key ephemeral-p)
   (let* ((context
            (if ephemeral-p
@@ -932,52 +1041,13 @@ See `gtk-browser's `modifier-translator' slot."
        (declare (ignore context))
        (with-protect ("Error in \"download-started\" signal thread: ~a" :condition)
          (wrap-download download))))
-    (maphash
-     (lambda (scheme scheme-object)
-       (webkit:webkit-web-context-register-uri-scheme-callback
-        context scheme
-        (lambda (request)
-          (let ((nyxt::*interactive-p* t)
-                ;; Look up the scheme-object again so that we can live-update
-                ;; the callback without having to create a new view with a new
-                ;; context.
-                (scheme-object (gethash scheme nyxt::*schemes*)))
-            (funcall* (callback scheme-object)
-                      (webkit:webkit-uri-scheme-request-get-uri request)
-                      (find (webkit:webkit-uri-scheme-request-get-web-view request)
-                            (delete nil
-                                    (append (list (status-buffer (current-window))
-                                                  (message-buffer (current-window)))
-                                            (nyxt::active-prompt-buffers (current-window))
-                                            (nyxt::panel-buffers (current-window))
-                                            (buffer-list)))
-                            :key #'gtk-object))))
-        (or (error-callback scheme-object)
-            (lambda (condition)
-              (echo-warning "Error while routing ~s resource: ~a" scheme condition))))
-       ;; We err on the side of caution, assigning the most restrictive policy
-       ;; out of those provided. Should it be the other way around?
-       (let ((manager (webkit:webkit-web-context-get-security-manager context)))
-         (cond
-           ((local-p scheme-object)
-            (webkit:webkit-security-manager-register-uri-scheme-as-local
-             manager scheme))
-           ((no-access-p scheme-object)
-            (webkit:webkit-security-manager-register-uri-scheme-as-no-access
-             manager scheme))
-           ((display-isolated-p scheme-object)
-            (webkit:webkit-security-manager-register-uri-scheme-as-display-isolated
-             manager scheme))
-           ((secure-p scheme-object)
-            (webkit:webkit-security-manager-register-uri-scheme-as-secure
-             manager scheme))
-           ((cors-enabled-p scheme-object)
-            (webkit:webkit-security-manager-register-uri-scheme-as-cors-enabled
-             manager scheme))
-           ((empty-document-p scheme-object)
-            (webkit:webkit-security-manager-register-uri-scheme-as-empty-document
-             manager scheme)))))
-     nyxt::*schemes*)
+    (maphash (lambda (scheme-name callbacks)
+               (ffi-register-custom-scheme (make-instance 'scheme
+                                                          :name scheme-name
+                                                          :context context
+                                                          :callback (first callbacks)
+                                                          :error-callback (second callbacks))))
+             nyxt::*schemes*)
     (unless (or ephemeral-p
                 (internal-context-p name))
       (let ((cookies-path (files:expand (make-instance 'cookies-file :context-name name))))
@@ -1125,14 +1195,6 @@ See `finalize-buffer'."
         (webkit:webkit-policy-decision-ignore response-policy-decision))
        ((not (valid-scheme-p (quri:uri-scheme (url request-data))))
         (uiop:launch-program (list *open-program* (quri:render-uri (url request-data)))))
-       ((and (quri:uri= url (url request-data))
-             (str:starts-with-p "text/gemini" (mime-type request-data)))
-        (log:debug "Processing gemtext from ~a." (render-url url))
-        (enable-modes* 'nyxt/mode/small-web:small-web-mode (buffer request-data))
-        (webkit:webkit-policy-decision-ignore response-policy-decision)
-        (ffi-buffer-load-html
-         buffer (nyxt/mode/small-web:gemtext-render (or (ignore-errors (dex:get (quri:render-uri url))) "") buffer)
-         url))
        ((not (known-type-p request-data))
         (log:debug "Initiate download of ~s." (render-url (url request-data)))
         (webkit:webkit-policy-decision-download response-policy-decision))
diff --git a/source/urls.lisp b/source/urls.lisp
index 97eabd53d1a..2d62edf7acc 100644
--- a/source/urls.lisp
+++ b/source/urls.lisp
@@ -92,48 +92,27 @@ The URL is fetched, which explains possible bottlenecks."
 Should be redefined by the renderer."))
 
 (define-class scheme (renderer-scheme)
-  ((name (error "Scheme must have a name/scheme")
-         :documentation "Scheme/name of the internal scheme.
-For instance, \"gopher\", \"irc\".")
+  ((name
+    (alex:required-argument 'name)
+    :documentation "The custom scheme name to handle.
+HTTPS or FILE are examples of schemes.")
    (callback
     nil
     :type (or null function)
-    :documentation "Callback to get the page contents when accessing resource with this scheme.
-
-Takes two arguments: the URL with scheme and the buffer it was requested in.
-
-Returns up to five values:
-- The data for page contents (either as string or as a unsigned byte array).
-- The MIME type for the contents.
-- The status code for the request.
-- An alist of headers for the request.
-- A status reason phrase.")
+    :documentation "A function called on URL load that returns the page contents.
+
+It takes the URL as an argument and returns up to 5 values:
+- The data for page contents (either as string or as a unsigned byte array)
+- The MIME type for the contents
+- The status code for the request
+- An alist of headers for the request
+- A status reason phrase")
    (error-callback
     nil
     :type (or null function)
     :documentation "Callback to use when a condition is signaled.
 
-Accepts only one argument: the signaled condition.")
-   (local-p
-    nil
-    :documentation "Local schemes are not accessible to the pages of other schemes.")
-   (no-access-p
-    nil
-    :documentation "No-access schemes cannot access pages with any other scheme.")
-   (secure-p
-    nil
-    :documentation "Secure schemes can access the Web, Web can access them too.
-
-Requires encryption or other means of security.")
-   (cors-enabled-p
-    nil
-    :documentation "Whether other pages can do requests to the resources with this scheme.")
-   (display-isolated-p
-    nil
-    :documentation "Display-isolated schemes cannot be displayed (in iframes, for example) by other schemes.")
-   (empty-document-p
-    nil
-    :documentation "Empty document schemes can be loaded synchronously by websites referring to them."))
+Accepts only one argument: the signaled condition."))
   (:export-class-name-p t)
   (:export-accessor-names-p t)
   (:documentation "Representation of Nyxt-specific internal schemes.
@@ -147,30 +126,16 @@ content. In case something goes wrong, runs `error-callback'.")
 
 (defvar *schemes* (sera:dict)
   "A table of internal schemes registered in Nyxt.
-Keys are scheme strings, values are `scheme' objects.")
+It maps scheme names as strings to `scheme' objects.")
 
 (export-always 'define-internal-scheme)
-(defun define-internal-scheme (scheme-name callback
-                               &rest keys
-                               &key local-p
-                                 no-access-p
-                                 secure-p
-                                 cors-enabled-p
-                               &allow-other-keys)
-  "Define a handler (running CALLBACK) for SCHEME-NAME `scheme'.
-
-CALLBACK is called with two arguments:
-- the URL that was requested with this scheme, and
-- buffer that it was requested in.
-
-For keyword arguments' meaning, see the corresponding `scheme' slot
-documentation."
-  (declare (ignorable local-p no-access-p secure-p cors-enabled-p))
+(defun define-internal-scheme (scheme-name callback &optional error-callback)
+  "Define handler CALLBACK for SCHEME-NAME `scheme'.
+
+See the `callback' and `error-callback' slot documentation for their type
+signatures."
   (setf (gethash scheme-name *schemes*)
-        (apply #'make-instance 'scheme
-               :name scheme-name
-               :callback callback
-               keys)))
+        (list callback error-callback)))
 
 (defmemo lookup-hostname (name)
   "Resolve hostname NAME and memoize the result."
@@ -342,37 +307,34 @@ Authority is compared case-insensitively (RFC 3986)."
 
 (export-always 'nyxt-url)
 (-> nyxt-url (t &rest t &key &allow-other-keys) string)
-(defun nyxt-url (function-name &rest args &key &allow-other-keys)
-  "Generate a nyxt: URL from the given FUNCTION-NAME applied to ARGS.
- This is useful to generate internal pages.
-
-ARGS is an arbitrary keyword (!) arguments list that will be translated to
-URL parameters.
-
-The resulting URL should be perfectly parseable back to the initial form with
-`parse-nyxt-url'.
-
-Example:
-\(nyxt-url 'nyxt:describe-function :value 'nyxt:describe-value)
-=> \"nyxt:describe-function?value=NYXT%3ADESCRIBE-VALUE\"
-
-\(parse-nyxt-url (nyxt-url 'nyxt:describe-value :id \"1000\"))
-=> NYXT:DESCRIBE-VALUE
-=> (:ID \"1000\")"
-  (let ((*print-case* :downcase))
-    (if (gethash function-name *nyxt-url-commands*)
-        (let ((params (quri:url-encode-params
-                       (mapcar (lambda (pair)
-                                 (cons (symbol->param-name (first pair))
-                                       (value->param-value (rest pair))))
-                               (alexandria:plist-alist args))
-                       :space-to-plus t)))
-          (the (values string &optional)
-               (format nil "nyxt:~a~@[~*?~a~]"
-                       (symbol->param-name function-name)
-                       (not (uiop:emptyp params))
-                       params)))
-        (error "There's no nyxt:~a page defined" (symbol->param-name function-name)))))
+(defun nyxt-url (fn &rest args &key &allow-other-keys)
+  "Return a nyxt scheme URL encoding a call to FN with ARGS.
+It is useful to request `internal-page's.
+
+ARGS is an arbitrary keyword arguments list that is translated to a URL query."
+  (let* ((query (quri:url-encode-params (mapcar (lambda (pair)
+                                                  (cons (symbol->param-name (first pair))
+                                                        (value->param-value (rest pair))))
+                                                (alexandria:plist-alist args))
+                                        :space-to-plus t))
+         (url (quri:render-uri
+               (quri:make-uri
+                :scheme "nyxt"
+                :path (symbol->param-name fn)
+                :query (unless (uiop:emptyp query) query)))))
+    (if (internal-page-symbol-p fn)
+        url
+        (error "URL ~a is undefined." url))))
+
+(export-always 'internal-page-name)
+(-> internal-page-name ((or string quri:uri)) t)
+(defun internal-page-name (url)
+  (alex:when-let* ((%url (quri:uri url))
+                   (_ (string= "nyxt" (quri:uri-scheme %url))))
+    ;; As to account for nyxt:foo and nyxt://foo.
+    (uiop:safe-read-from-string (str:upcase (or (quri:uri-path %url)
+                                                (quri:uri-host %url)))
+                                :package :nyxt)))
 
 (export-always 'internal-url-p)
 (defun internal-url-p (url)
@@ -393,61 +355,21 @@ Example:
                (list key value)))
            params))
 
-(export-always 'parse-nyxt-url)
-(-> parse-nyxt-url ((or string quri:uri)) (values symbol list &optional))
-(defun parse-nyxt-url (url)
-  "Return two values parsed from the nyxt: URL:
-- the name of the `internal-page',
-- the arguments to it.
-
-Error out if some of the params are not constants. Thanks to this,
-`parse-nyxt-url' can be repeatedly called on the same nyxt: URL, with the
-guarantee of the same result."
-  (let* ((url (url url))
-         (symbol (quri:uri-path url))
-         ;; FIXME: While we ourselves guarantee the correctness of nyxt:// URLs,
-         ;; it would be nice to ensure it processes even the malformed URLs.
-         (params (quri:uri-query-params url))
-         (internal-page-name (uiop:safe-read-from-string (str:upcase symbol)
-                                                         :package (find-package :nyxt))))
-    (if (gethash internal-page-name *nyxt-url-commands*)
-        (values internal-page-name (query-params->arglist params))
-        (error "There's no nyxt:~a internal-page defined" symbol))))
-
 (define-internal-scheme "nyxt"
-    ;; NOTE: We don't set any security settings (such as :local-p, :secure-p
-    ;; etc.)  because:
-    ;; - :local-p makes nyxt:// scheme completely inaccessible from other schemes.
-    ;; - :display-isolated-p does not allow embedding a nyxt:// page even inside
-    ;;   the page of the same scheme. Self-embedding might be a use-case in the
-    ;;   future, thus :display-isolated-p is unusable.
-    ;; - :secure-p and :cors-enabled-p are both dangerously permissive for a
-    ;;   scheme that allows evaluating Lisp code.
-    ;; Not setting any security settings gives the best security/flexibility for
-    ;; our use-case:
-    ;; - <iframe> embedding and exploitation are impossible.
-    ;; - Redirection—both as window.location.(href|assign|replace) and
-    ;;   HTTP status code 301—works.
-    ;; - nyxt:// pages are linkable from outside Nyxt!
-    (lambda (url buffer)
-      (with-protect ("Error while processing the \"nyxt:\" URL: ~a" :condition)
-        (let ((url (quri:uri (str:replace-first "://" ":" url))))
-          (log:debug "Internal page ~a requested." url)
-          (multiple-value-bind (internal-page-name args)
-              (parse-nyxt-url url)
-            (when (and internal-page-name)
-              (alex:when-let ((internal-page (gethash internal-page-name *nyxt-url-commands*)))
-                (setf (title buffer) (apply #'dynamic-title internal-page args))
-                ;; FIXME: This allows `find-internal-page-buffer' to find the
-                ;; buffer and `form' to have this buffer as the buffer-var.
-                (setf (url buffer) (quri:uri url))
-                (apply (form internal-page) args))))))))
+    (lambda (url)
+      (let* ((%url (url url))
+             (internal-page (find-url-internal-page %url)))
+        (if internal-page
+            (progn
+              ;; Allow `find-internal-page-buffer' to find it.
+              (setf (url (current-buffer)) (quri:uri %url))
+              (apply (form internal-page)
+                     (query-params->arglist (quri:uri-query-params %url))))
+            (warn "No internal page corresponds to URL ~a" url)))))
 
 (define-internal-scheme "nyxt-resource"
-    (lambda (url buffer)
-      (declare (ignore buffer))
-      (nth-value 0 (gethash (quri:uri-path (url url)) *static-data*)))
-  :secure-p t)
+    (lambda (url)
+      (nth-value 0 (gethash (quri:uri-path (url url)) *static-data*))))
 
 (-> lisp-url (&rest t &key (:id string)
               (:buffer t)
@@ -481,8 +403,7 @@ TITLE is purely informative."
                   (ps:create :mode "no-cors"))))))
 
 (define-internal-scheme "lisp"
-    (lambda (url buffer)
-      (declare (ignore buffer))
+    (lambda (url)
       (alex:when-let* ((%url (quri:uri url))
                        (request-id (quri:uri-path %url))
                        (query (quri:uri-query-params %url))
@@ -504,8 +425,7 @@ TITLE is purely informative."
                (j:encode callback-output)))
            (log:warn "Request ~a isn't bound to a callback in buffer ~a" %url buffer))
          "application/json")))
-  :cors-enabled-p t
-  :error-callback (lambda (c) (log:debug "Error when evaluating lisp URL: ~a" c)))
+  (lambda (c) (log:debug "Error when evaluating lisp URL: ~a" c)))
 
 (-> path= (quri:uri quri:uri) boolean)
 (defun path= (url1 url2)
diff --git a/tests/offline/urls.lisp b/tests/offline/urls.lisp
index c5b0daa4bfd..55b43d44759 100644
--- a/tests/offline/urls.lisp
+++ b/tests/offline/urls.lisp
@@ -57,6 +57,16 @@
                    (quri:uri "https://search.atlas.engineer/searxng/search?q=foo:blank")
                    (url (first (nyxt::input->queries "foo:blank")))))
 
+(define-test nyxt-urls ()
+  (assert-error 'simple-error
+                (nyxt-url 'undefined-nyxt-command :param1 "foo" :param2 "bar"))
+  (assert-false (internal-page-name "foo:new"))
+  (assert-false (internal-page-name "foo://new"))
+  (assert-equal 'new
+                (internal-page-name "nyxt:new"))
+  (assert-equal 'new
+                (internal-page-name "nyxt://new")))
+
 (define-test url-processing ()
   ;; "Invalid URL (empty host)"
   (assert-false (valid-url-p "http://foo"))
diff --git a/tests/renderer-offline/nyxt-url-security.lisp b/tests/renderer-offline/custom-schemes.lisp
similarity index 63%
rename from tests/renderer-offline/nyxt-url-security.lisp
rename to tests/renderer-offline/custom-schemes.lisp
index 9341c2e92ac..44d8603e85d 100644
--- a/tests/renderer-offline/nyxt-url-security.lisp
+++ b/tests/renderer-offline/custom-schemes.lisp
@@ -3,9 +3,27 @@
 
 (in-package :nyxt/tests/renderer)
 
+(nyxt:define-internal-scheme "test"
+    (lambda (url)
+      (declare (ignore url))
+      (spinneret:with-html-string (:p "pass"))))
+
+(define-test register-custom-scheme ()
+  (let ((ready-channel (nyxt::make-channel 1)))
+    (nyxt:start :no-config t :no-auto-config t :headless t
+                :socket "/tmp/nyxt-test.socket" :profile "test")
+    (with-current-buffer (nyxt:make-buffer-focus :url "test:test")
+      (hooks:once-on (nyxt:buffer-loaded-hook (current-buffer)) (buffer)
+        (calispel:! ready-channel t))
+      (calispel:? ready-channel)
+      (sleep 1)
+      (assert-equal "pass"
+                    (nyxt:ps-eval (ps:chain (nyxt/ps:qs document "p") inner-text))))
+    (nyxt:quit)))
+
 (nyxt:define-internal-scheme "iframe-embed"
-    (lambda (url buffer)
-      (declare (ignorable url buffer))
+    (lambda (url)
+      (declare (ignore url))
       (spinneret:with-html-string
         (:script
          (ps:ps (defun check-iframe-loaded ()
@@ -20,9 +38,7 @@
         (:body
          :onload "checkIframeLoaded"
          (:iframe :src "nyxt:new")
-         (:span#text-check ""))))
-  ;; Same settings as HTTPS, imitating it.
-  :secure-p t)
+         (:span#text-check "")))))
 
 (define-test nyxt-url-not-iframe-embeddable ()
   (let ((ready-channel (nyxt::make-channel 1)))
@@ -37,5 +53,6 @@
       (calispel:? ready-channel)
       ;; More than enough time for nyxt:new to load and check-iframe-loaded to fire.
       (sleep 1)
-      (assert-equal "" (nyxt:ps-eval (ps:chain (nyxt/ps:qs document "#text-check") inner-text))))
+      (assert-equal ""
+                    (nyxt:ps-eval (ps:chain (nyxt/ps:qs document "#text-check") inner-text))))
     (nyxt:quit)))