@@ -1313,16 +1313,19 @@ partial interface HTMLIFrameElement {
|
1313 | 1313 | Given a [=policy-controlled feature|feature=] (|feature|) and a <a for="/">request</a> (|request|), |
1314 | 1314 | this algorithm returns <code>true</code> if the request should be allowed to |
1315 | 1315 | use |feature|, and <code>false</code> otherwise. |
1316 | | - 1. Set |window| to |request|’s <a for="request">window</a>. |
1317 | | - 1. If |window| is not a {{Window}}, return <code>false</code>. |
| 1316 | + 1. Let |client| be |request|’s [=request/client=]. |
| 1317 | + 1. If |client| is null, return <code>false</code>. |
| 1318 | + 1. If |client|'s [=environment settings object/global object=] is not a {{Window}}, return |
| 1319 | +<code>false</code>. |
1318 | 1320 | <div class="issue">Permissions Policy within non-Window contexts |
1319 | 1321 | ({{WorkerGlobalScope}} or {{WorkletGlobalScope}}) is being figured out in |
1320 | 1322 | <a href="https://github.com/w3c/webappsec-permissions-policy/issues/207">issue |
1321 | 1323 | #207</a>. After that’s resolved, update this algorithm to allow fetches |
1322 | 1324 | initiated within these contexts to use policy-controlled features. |
1323 | 1325 | *Until* that’s resolved, disallow all policy-controlled features (e.g., |
1324 | 1326 | sending Client Hints to third parties) in these contexts.</div> |
1325 | | - 1. Set |document| to |window|’s <a>associated `Document`</a>. |
| 1327 | + 1. Set |document| to |client|’s [=environment settings object/global object=]’s |
| 1328 | +<a>associated `Document`</a>. |
1326 | 1329 | 1. Let |origin| be |request|’s <a for="request">origin</a>. |
1327 | 1330 | 1. Let |result| be the result of executing <a abstract-op>Is feature |
1328 | 1331 | enabled in document for origin?</a> on |feature|, |document|, and |origin|. |
|