From 535ad800cbf72e69e8f80b3a4905752748947e29 Mon Sep 17 00:00:00 2001
From: Mirko Brodesser <129945747+mbrodesser-Igalia@users.noreply.github.com>
Date: Thu, 6 Feb 2025 08:16:10 +0100
Subject: [PATCH] Use "navigation request's policy container's CSP list"
 instead of "navigation request's client's global object's CSP list" (#692)

Complements https://github.com/w3c/webappsec-csp/pull/494 in order make
the spec consistent.

Preparation to fix https://github.com/whatwg/html/issues/4651.
---
 index.bs | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/index.bs b/index.bs
index 3fdc782312..ccd23861bb 100644
--- a/index.bs
+++ b/index.bs
@@ -1315,9 +1315,9 @@ spec:SRI; urlPrefix: https://w3c.github.io/webappsec-subresource-integrity
     3.  If |result| is "`Allowed`", and if |navigation request|'s
         <a for="request">current URL</a>'s <a for="url">scheme</a> is `javascript`:
 
-        1.  <a for=list>For each</a> |policy| of |navigation request|'s <a for="request">client</a>'s
-            <a for="environment settings object">global object</a>'s
-            <a for="global object">CSP list</a>:
+        1.  <a for=list>For each</a> |policy| of |navigation request|'s
+            <a for="request">policy container</a>'s
+            <a for="policy container">CSP list</a>:
 
             1.  <a for=set>For each</a> |directive| of |policy|: