> Browsers opening an ftp:// link can simply prompt to open it in a different program, much like they did PDFs in the past. (I also don't think a browser should have to be a great PDF renderer, but here we are.)

Except then you have to find, install, and configure that program, which not everybody may be able or willing to do. We have trust browsers, for better or worse, and many people may not be comfortable identifying another trustworthy program to handle FTP downloads (due to malware/adware concerns), especially when they're trying to do something else. Having something in the browser saves users a trust decision.

Also, this feature has been so established that lots of stuff was designed expecting it to work that will now be broken. I also wouldn't be surprised if some FTP sites (say with old drivers) just get taken offline without being migrated, due to this.

And such programs can and will be downloaded from disreputable sites packed with malware and other junk, because the user needs that file. The great thing of having this stuff concentrated in a single program is that at least you have only one vendor relationship to consider.

Not everyone has a FTP client installed in the system, or a FTP client that can be launched with the server to open (Windows explorer can open FTP servers but I don't think you could with a link. But I'm not sure).

A lot of sites, especially old ones, are build with the assumption that every browser can access FTP links as you would with HTTP. And so for example a download section is a link to a FTP server.

To me removing it is stupid. Is it a security concern? Not really. Also not having it in the browser will not make security better, a person that needs it will use it with another client. Will make the browser faster or smaller? Not really, a FTP client is something really simpler, and browser have them since ever.

Good thing the pdf reader in Firefox is just a is just a .is file