FTP (File Transfer Protocol) has long been the go to method of transferring files on the internet. It's how you uploaded files to your shared web server and how you submitted your assignments when you attended university some time ago. There is one problem with the protocol however.
Mainly, it's getting pretty old and it is not the most secure protocol for file transfer currently. Usernames and passwords are still transferred through cleartext meaning that they could in theory be intercepted.
In preparation for the final removal of FTP support in its browsers, Mozilla disabled the functionality starting with Firefox 88. Users could still use it, but they had to turn on the feature themselves manually.
Starting with Firefox 90 however, FTP will no longer be supported in the browser. The change is automatic for the most part. Once your browser updates to the proper version, the FTP functionality will be gone completely.
Launching any ftp:// url in the browser bar will now launch the default external FTP client that is installed on the users machine.
This also means that any browser extension relying on
This change is a big move in the direction towards a more secure HTTPS only web. If you are a developer though, Mozilla has given you an alternative to using the internal FTP client.
Essentially, developers can specify which FTP client to launch on a users machine when given an FTP url.
The official Mozilla blog states the following:
"To help offset this removal, ftp has been added to the list of supported protocol_handlers for browser extensions. This means that extensions will be able to prompt users to launch a FTP application to handle certain links."
From reading online there seems to be mixed emotions on this matter. Some developers feel like this was long overdue mainly because of the security vulnerabilities that FTP could potentially allow.
Other developers feel like FTP is still in wide use globally, and that completely removing it from the browser could potentially lead to unforeseen issues.
Mozilla, however, is not the first browser to completely get rid of the aging protocol. Google removed FTP functionality in Chrome in 2020 and attempting to launch an FTP address in the browser yields the following message:
Whichever side you find yourself on, everyone can agree that making the web a more secure place to navigate through is a good thing. And that might mean that you now have to go out and find an actual external FTP client to download and install on your machine.
And that's a fair trade I think.
Walter Guevara is a software engineer, startup founder and currently teaches programming for a coding bootcamp. He is currently building things that don't yet exist.