Why WOT not working

It not a website that provide a context in this topic.

It is about CD, the fact it provides a choice when DV-SSL webpages are involved but none if a plugin rely on DV-SSL connection (such plugin won’t work)

Much more striking is that a plugin making an http connection to a 3rd party site would not have been seemingly blocked nor notified to the user. ???

http connections cannot be assumed to rely on any type of certificate and they would share similar consideration as far CD plug-in support goes.

so many insecurities…and there is only Comodo trying to fight it all! :slight_smile:


I have previously asked for suggestions on how you all would like to be notified that a plugin/extension is using a DV cert, but it got partially ignored. DV certs are evil, evil, evil.

Melih: Simple solution: Acquire WOT and get it a EV cert :stuck_out_tongue:

I have previously asked how many type of notifications are there and why were discarded.

There had to be a reason.

I don’t have access to the Dragon code, but as far as I can see only DV warnings are present in Dragon. (Only available via a browser session, not behind the scene) There are no other notifications to my knowledge

I did mean Types as different widget possibilities to present or otherwise warn the user.

The only notification I am aware of is the standard one that gets shown in a browser tab. How would you like to see this improved?

The standard one does what it is supposed to do very nicely. It asks and explain.

Other members suggested to have an exclusion list so current incompatibilities would be fixed.

Knowing and agreeing with Melih on DV certs, I don’t foresee an exclusion list getting added. It defeats the purpose of the DV warning. However, making this list function like Firefox’s “Add Exception” for SSL certificates, might work as this would mean the user EXPLICITLY trusts the site.

Will be there also a dialog to manage the list of exceptions?

[attachment deleted by admin]

It will be up to Comodo and the Comodo Dragon Devs to decide that. I can’t decide that, but there would have to be some way.

What Endymion suggests is the simplest approach, but yes you would have to be able to manage (at least remove) exceptions. IT also seems to me that OV certs should receive warnings as well - maybe this would be optional.

A more selective approach would be to (have the option of) warning only when the user tries to post or otherwise send data?


I posted a screen-shot and asked a question about Firefox’s “Add Exception”:

Thought necessary for everybody to see a picture if I did not misunderstand the above quote

I’m not sure what I suggested whereas I was asking about types of widgets that provide warning and notification (ask and/or explain) to the user.

Surely IF it was necessary to even choose what notification could apply, then starting from a list of available notification widgets was necessary.

Having said that I thought these lines were enough to to describe my suggestion

Thanks yes, the above is what I meant (including the Firefox approach).


Indeed and what I meant is that I thought firefox approach was not my suggestion whenever I was asking informations to understand how much it matched my earliest hopes about a foreseeable evolution of CD.

Preventing malfunction of plugins extensions that rely on DV-SSL connection (whereas this topic focus on a specific example of such extension) it is still my main concern though eventually adding notification whereas each extension attempt silent ( DV/EV/OV-https and http) connection to 3rd parties would be IMHO a reasonably agreeable way to differentiate CD from other Chromium implementation (provided that users would be able to completely/selectively disable such new feature if they wish so)

Whenever new features will be implemented with a degree of reconfigurability this would be also relevant to increase user compliance and CD adoption whereas deal-breaker limitations (eg loss of functionality) would be reduced or nullified.

OK That’s fine!

I guess we should all distil our best ideas into the wishlist item? This issue is a classic example of something that appears as a bug to the user, but as a wishlist item to the developer :slight_smile:

Best wishes


Though I wish so, I’m not sure how much feasible is warning about silent 3rd party connection made by extensions.

The best way would allow the user to be aware to what sites an extension connects-to so the extension is limited to these sites alone.
But it is not unlikely that an extension might attempt connection to different sites at different times whereas the user might not approve/consent some of those sites.

Other than wishing for a possible solution to the above I would be fine to get all extensions to work (even if it means to allow extension to rely on DV-SSL connections)

If the the design is seemingly meant to notify (and let user choose if block) about DV-SSL then I wish the design will be consistently extended to extensions.

Though I feel difficult to generalize over what is not a bug considering this topic outline a loss of functionality (silent blocking of extensions using DV_SSL) over vanilla chromium.

Whereas vanilla chromium can be considered a legitimate reference, CD undoubtedly also provides new useful features and functionalities (eg DV-SSL notification for webpages).

Hi All

I got a workaround to make WOT to work in COMODO Dragon.

For this you will have to install Ultimate Chrome Flag extension. - https://chrome.google.com/extensions/detail/dbpojpfdiliekbbiplijcphappgcgjfn

After installing, whenever you open a webpage, WOT rankings will be shown in the address bar of that website.
It won’t work in search results though.

Thanks. That’s going to be very useful till we get a whitelist or opt-out!

Best wishes



Thanks. ;D