From 8d95a9154b7f3591a737f537afcd44a856322445 Mon Sep 17 00:00:00 2001
From: Robbie McElrath <rmcelrath@chromium.org>
Date: Tue, 18 Feb 2025 20:18:47 -0800
Subject: [PATCH] permissiosn: Clarify that manifest member is IWA-specific
 (#58)

---
 Permissions.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Permissions.md b/Permissions.md
index 3ab09a0..402d822 100644
--- a/Permissions.md
+++ b/Permissions.md
@@ -35,7 +35,7 @@ There are two mechanisms to control permissions on the Web today: [Permissions](
 
 It is a non-goal to automatically grant access to all permissions listed in the manifest – we want the user to remain in control of the app’s capabilities. Because of this, along with the fact that manifest restrictions represent a developer choice rather than a user choice, Permissions Policy is better suited as a mechanism to enforce these permission restrictions.
 
-We propose adding a new `permissions_policy` field to the Web App Manifest spec, which would contain a [policy directive](https://www.w3.org/TR/permissions-policy-1/#policy-directive) that maps [policy-controlled features](https://www.w3.org/TR/permissions-policy-1/#policy-controlled-feature) to an allowlist of origins. This field would define the default Permissions Policy for all top-level frames in an Isolated Web App. The [default allowlist](https://www.w3.org/TR/permissions-policy-1/#default-allowlists) for all policy-controlled features in Isolated Web Apps should default to 'none', and can only be expanded through the new permissions_policy manifest field. Child frame Permission Policies would inherit from their parent frame as they do today.
+We propose adding a new `permissions_policy` field as an Isolated Web App specific extension to the Web App Manifest spec, which would contain a [policy directive](https://www.w3.org/TR/permissions-policy-1/#policy-directive) that maps [policy-controlled features](https://www.w3.org/TR/permissions-policy-1/#policy-controlled-feature) to an allowlist of origins. This field would define the default Permissions Policy for all top-level frames in an Isolated Web App. The [default allowlist](https://www.w3.org/TR/permissions-policy-1/#default-allowlists) for all policy-controlled features in Isolated Web Apps should default to 'none', and can only be expanded through the new permissions_policy manifest field. Child frame Permission Policies would inherit from their parent frame as they do today.
 
 ```
 "permissions_policy": {