X-Git-Url: http://git.webkit.org/?p=WebKit-https.git;a=blobdiff_plain;f=Source%2FWebCore%2FChangeLog;h=3749d85beec54ba3d0b4912feb60e22663690830;hp=b5ae76d579eb18c3f717600474a5739454928751;hb=c39e62fd71d996c0d2ff9fe7358c3b00c3b8ec28;hpb=74a038e32ddb3574d5040b5e85b56a8eac43f97d diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog index b5ae76d..3749d85 100644 --- a/Source/WebCore/ChangeLog +++ b/Source/WebCore/ChangeLog @@ -1,3 +1,27 @@ +2018-01-08 Michael Saboff + + Add a DOM gadget for Spectre testing + https://bugs.webkit.org/show_bug.cgi?id=181351 + + Reviewed by Saam Barati. + + This change is used to test Spectre mitigations. + + Added a side data array to the Comment DOM node to test for Spectre issues in + the DOM layer. This additional functionality is disabled by default and must + be enabled through the JSC option "enableSpectreGadgets". + + * dom/Comment.cpp: + (WebCore::Comment::Comment): + (WebCore::Comment::setReadLength): + (WebCore::Comment::charCodeAt): + (WebCore::Comment::clflushReadLength): + * dom/Comment.h: + * dom/Comment.idl: + * page/RuntimeEnabledFeatures.cpp: + (WebCore::RuntimeEnabledFeatures::spectreGadgetsEnabled const): + * page/RuntimeEnabledFeatures.h: + 2018-01-08 Said Abou-Hallawa A canvas should not be tainted if it draws a data URL SVGImage with a
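Review bot: the new 2018-01-08 Michael Saboff entry says the gadget is "disabled by default", but the file list under dom/Comment.cpp, dom/Comment.idl and page/RuntimeEnabledFeatures.cpp has no per-function notes explaining how that is enforced. Because Comment.idl is touched, the entry should state whether setReadLength, charCodeAt and clflushReadLength are hidden from script when "enableSpectreGadgets" is off or are only inert, and how RuntimeEnabledFeatures::spectreGadgetsEnabled in WebCore relates to the JSC option named in the description. A one-line note on each listed function would do. The entry also names no test or test page, which is worth adding given that the stated purpose of the change is testing Spectre mitigations.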