Using https://permission.site/permission-status, I tested the behavior of the permission API on iOS in regards to how the setting of "Other Websites" is respected. I took these steps: 1. Enable Location Services in iOS settings 2. Enable Location Services for Safari in settings 3. Safari Settings -> Location -> Edit -> Clear all domain specific settings 4. Safari Settings -> Location -> Other Websites -> Set to "Allow" 5. Visit https://permission.site/permission-status in Safari 6. Observe that permission status is reported as GRANTED 7. Click on Geolocation reports SUCCESS without visible prompt 8. Website Settings -> Location -> Set to "Deny" 9. Observe that the permission status is reported as GRANTED 10. Reload the page 11. Observe that the permission status is reported as GRANTED 12. Click on Geolocation reports "User denied geolocation" without visible prompt Expected behavior In step 9 and 11, `navigator.permissions.query({ name: 'geolocation' })` reports the site-specific permission status, i.e. "Permission Status" reports `DENIED` Observed behavior: Despite there being an origin-specific setting, in step 9 and 11, `navigator.permissions.query({ name: 'geolocation' })`, i.e. "Permission Status" reports `GRANTED`. This is in conflict with the behavior of the geolocation API failing in step 12. We want to provide a consistent end-to-end experience between content-area UI and browser-side UX. To do that, we need to understand how the browser UX will behave if (for example) we call the browser’s geolocation API -- will a permission prompt be shown? Or is the permission already granted or denied?