diff --git a/dom/permission/PermissionSettings.jsm b/dom/permission/PermissionSettings.jsm
index 9c660febd93..6c948ffc2fc 100644
--- a/dom/permission/PermissionSettings.jsm
+++ b/dom/permission/PermissionSettings.jsm
@@ -35,7 +35,7 @@ this.PermissionSettingsModule = {
   },
 
 
-  _isChangeAllowed: function(aPrincipal, aPermName, aAction) {
+  _isChangeAllowed: function(aPrincipal, aPermName, aAction, aAppKind) {
     // Bug 812289:
     // Change is allowed from a child process when all of the following
     // conditions stand true:
@@ -50,7 +50,7 @@ this.PermissionSettingsModule = {
     // on permissionManager also but we currently don't.
     let perm =
       Services.perms.testExactPermissionFromPrincipal(aPrincipal,aPermName);
-    let isExplicit = isExplicitInPermissionsTable(aPermName, aPrincipal.appStatus);
+    let isExplicit = isExplicitInPermissionsTable(aPermName, aPrincipal.appStatus, aAppKind);
 
     return (aAction === "unknown" &&
             aPrincipal.appStatus === Ci.nsIPrincipal.APP_STATUS_NOT_INSTALLED) ||
@@ -68,8 +68,8 @@ this.PermissionSettingsModule = {
 
   _internalAddPermission: function _internalAddPermission(aData, aAllowAllChanges, aCallbacks) {
     let uri = Services.io.newURI(aData.origin, null, null);
-    let appID = appsService.getAppLocalIdByManifestURL(aData.manifestURL);
-    let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(uri, appID, aData.browserFlag);
+    let app = appsService.getAppByManifestURL(aData.manifestURL);
+    let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(uri, app.localId, aData.browserFlag);
 
     let action;
     switch (aData.value)
@@ -92,12 +92,12 @@ this.PermissionSettingsModule = {
     }
 
     if (aAllowAllChanges ||
-        this._isChangeAllowed(principal, aData.type, aData.value)) {
-      debug("add: " + aData.origin + " " + appID + " " + action);
+        this._isChangeAllowed(principal, aData.type, aData.value, app.kind)) {
+      debug("add: " + aData.origin + " " + app.localId + " " + action);
       Services.perms.addFromPrincipal(principal, aData.type, action);
       return true;
     } else {
-      debug("add Failure: " + aData.origin + " " + appID + " " + action);
+      debug("add Failure: " + aData.origin + " " + app.localId + " " + action);
       return false; // This isn't currently used, see comment on setPermission
     }
   },