https://codereview.appspot.com/6827077/diff/1/src/com/google/caja/ses/mitigateGotchas.js File src/com/google/caja/ses/mitigateGotchas.js (right):
https://codereview.appspot.com/6827077/diff/1/src/com/google/caja/ses/mitigateGotchas.js#newcode18 src/com/google/caja/ses/mitigateGotchas.js:18: * outside the TCB. Please put in a "see" link to http://code.google.com/p/google-caja/wiki/SES#Source-SES_vs_Target-SES . How do the mitigations in this CL relate to the mitigations explained there? Can we put in a TODO for the mitigations explained there but not yet implemented here? Do we know of any other needed mitigations besides those explained there? https://codereview.appspot.com/6827077/
