From 6c1e4b4a5112be7df2652cf40a56b16d253ca6e1 Mon Sep 17 00:00:00 2001
From: Theresa O'Connor <hober@apple.com>
Date: Fri, 8 May 2020 09:55:10 -0700
Subject: [PATCH] Try to address some of Brandon & John's feedback.

---
 storage-access.bs | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/storage-access.bs b/storage-access.bs
index 741b344..13c069c 100644
--- a/storage-access.bs
+++ b/storage-access.bs
@@ -220,14 +220,16 @@ To <dfn type="abstract-op">determine if a site has storage access</dfn> with [=p
 
 To <dfn type="abstract-op">determine the storage access policy</dfn> for [=partitioned storage key=] |key| with {{Document}} |doc| and {{Promise}} |p|, run these steps:
 
+1. Let |map| be the result of [=obtain the storage access map|obtaining the storage access map=] for |doc|.
+1. Let |flag set| be the result of [=obtain a storage access flag set|obtaining the storage access flag set=] with |key| from |map|.
 1. Let |implicitly granted| and |implicitly denied| (each a [=boolean=]) be the result of running an [=implementation-defined=] set of steps to determine if |key|'s [=partitioned storage key/embedded site=]'s request for storage access on |key|'s [=partitioned storage key/top-level site=] should be granted or denied without prompting the user.
+
+    Note: These [=implementation-defined=] set of steps might result in |flag set|'s [=has storage access flag=] and [=was expressly denied storage access flag=] changing, since the User Agent could have relevant out-of-band information (e.g. a user preference that changed) that this specification is unaware of.
 1. If |implicitly granted| is true, [=/resolve=] |p| and return.
 1. If |implicitly denied| is true, [=/reject=] |p| and return.
 1. Ask the user if they would like to grant |key|'s [=partitioned storage key/embedded site=] access to its [=first party data=] when it's loaded in a [=third party context=] on |key|'s [=partitioned storage key/top-level site=], and wait for an answer. Let |expressly granted| and |expressly denied| (both [=booleans=]) be the result.
 
-    Note: While |expressly granted| and |expressly denied| cannot both be true, they *can* both be false: users can dismiss the prompt without choosing to allow or deny the request. This is interpreted as a denial.
-1. Let |map| be the result of [=obtain the storage access map|obtaining the storage access map=] for |doc|.
-1. Let |flag set| be the result of [=obtain a storage access flag set|obtaining the storage access flag set=] with |key| from |map|.
+    Note: While |expressly granted| and |expressly denied| cannot both be true, they could both be false in User Agents which allow users to dismiss the prompt without choosing to allow or deny the request. (Such a dismissal is interpreted in this algorithm as a denial.)
 1. If |expressly granted| is true, run these steps:
     1. Unset |flag set|'s [=was expressly denied storage access flag=].
     1. [=Save the storage access flag set=] for |key| in |map|.