Maybe nice if they (Mozilla and/or Google) would make a site somewhat like https://webftp.dreamhost.com/ that would accept url parameters to sort of proxy ftp requests.
Wouldn't help for internal network ftp servers, but would ease the publicly accessible part.
(Note that the dreamhost site has a little link icon in the lower left that will generate a link/landing page with all the important bits filled out.)
Wouldn't make that security worse? Then any FTP connection would have to be proxied through a third-party, which has all opportunity to monitor or MITM the files. This in particular as FTP is often used to transfer non-public files.
Alternatively, Firefox could allow standalone clients to register for the ftp:// uri scheme (I think that's already possible) and, if no client is registered, redirect to some info page that explains the situation and offers links to standalone clients.
Perhaps if it only supported anonymous ftp. That's most of the links that will get broken. For that, there is no real security consideration. What exists is plain text all around with deliberately exposed passwords.
> The biggest security risk is that FTP transfers data in cleartext, allowing attackers to steal, spoof and even modify the data transmitted.
I don't know how realistic that type of attack is and compromised authentication is likely worse, but both are cases that Mozilla cannot fix since they are inherent to the protocol itself.
