Mozilla will remove FTP support in the Firefox web browser
Mozilla plans to disable and later on remove support for the FTP protocol in the organization's Firefox web browser this year. Discussions about ending FTP support date back to 2015 when Google and Mozilla engineers started to discuss the removal of FTP from the Chrome and Firefox web browsers.
Both companies limited some functionality related to FTP already; Mozilla started to block resources from FTP loaded on webpages in Firefox 61, and Google dropped proxy support in Chrome 76.
A new option to disable FTP support in Firefox was added in 2018 by Mozilla but the flag was never enabled by default; it did allow users and organizations to disable FTP support individually though.
Mozilla aims to disable FTP support by default in the Firefox web browser when Firefox 77 Stable lands; the version is scheduled for a June 2020 release. FTP will be disabled by default in Firefox but Firefox users and organizations may re-enable support manually for some time after the release. Mozilla plans to enable FTP in Firefox ESR 78, out in June 2020, according to this bug.
Eventually though, FTP support will be removed entirely from the Firefox web browser with no option to restore the functionality.
Bug 1574475 deals with the removal of FTP support. The main reason why FTP is being removed is that it is considered insecure but Google's decision to remove support from Chrome certainly played a role in Mozilla's decision to remove support as well.
Mozilla could have opted for implementing support for secure FTP in Firefox; a bug was filed 19 years ago to introduce support for SFTP in Firefox but nothing ever came out of it.
Google plans to redirect requests to the default handler for FTP on the system in Chrome, and it is likely that Mozilla plans to do the same in Firefox. Most file managers that come with the operating system support FTP, and there are plenty of programs, e.g. FTP Rush or WinSCP.Â that are better suited for connecting to FTP servers.
Firefox users may control FTP support in the following way (until the code is removed entirely from the web browser):
- Load about:config in the browser's address bar.
- Confirm that you will be careful.
- Search for network.ftp.enabled.
- Set the preference to TRUE to enable FTP support in Firefox.
- Set the preference to FALSE to disable FTP support in Firefox.
Now you: do you use FTP in your browser of choice or in other programs?
I just want Mozilla Org and FireFox to burn to death in a fire, and a truly independent advertiser-links-free open source privacy-first user-respecting fresh browser foundation to rise in its place, sorta like Phoenix, sounds kinda familiar. Mozilla outlived its usefulness as a user-first org long ago and serves mainly itself. Time for it to die.
I couldn’t agree more. The reason why such a foundation cannot rise now is because the cancer that Mozilla has become occupies the ideological space where it should appear.
“I just want Mozilla Org and FireFox to burn to death in a fire”
Tell us how you really feel.
You can configure Firefox to completely respect user’s privacy with about 20 clicks. You cannot do the same in Chrome with an infinite number of clicks
That’s pure BS. There are Chromium-based browsers like Ungoogled Chromium which establish zero unsolicited requests by default, whereas Firefox establishes 70++ connections by default. Chrome /= Chromium, one can use other Chromium-based browsers aside from Chrome.
you are comparing a tweaked Chromium version with Standard Firefox version
Been using Firefox for 15 years. I’m done with it after their little blog post.
Brave browser is where it’s at.
I haven’t used it in a long time. Most or all of the once used ftp sites support the https prefix/protocol with the old ftp addr. anyway.
I really wonder why does it matter if chrome supports it or not, chrome isn’t exactly known for caring about users and (more like the opposite with it’s anti competitive practices). Also i don’t see any benefit from copying everything chrome does since you will be always just the copy, you should aim for having more and better features than having everything chrome has and nothing more
Let me guess:
“Too complicated to maintain” = “insecure” = feature removed
For the benefit of the users, of course.
Yep, almost same reason is given why KDE won’t let you launch Dolphin file manager session as root user – tho, there are different variables but in the end it comes to this shitty explanation aka laziness coming younger developers, who behave like they become gods, lords of life and death.
The project, software they work on may be different but the attitude seems to be same everywhere nowadays. And let’s not forget about the important issues like ‘code of conduct’ and using the correct pronouns – the things those folks always have time to focus on.
When your are too lazy to continue supporting something, just call it “unsecure” and call it a day.
Such bullshit. Why are they coordinating with Google in this case??
Maintain ftp functionality and watch a bunch of Chrome users flock to Firefox when Chrome removes ftp.
This annoys me to no end.
Some not-so-far-away day, be sure that all the big browsers will forbid connecting to everything non https, and not even give us a work-around in advanced settings for accessing the http web, with the excuse that user freedom is bad for security. And they will publicly crucify any independent browser that will dare to let you still access it. Let’s bet on this.
Web servers can be a reverse proxy to a FTP server.
What if there is none ?
Was waiting for it to be removed, good riddance.
I love firefox but this is a bad idea
Mozilla adopts Extension Manifest V3
by Martin Brinkmann on December 19, 2020 in Firefox – 305 comments
From the same article: Yuliya, Iron Heart and Anonymous break the internet record on the number of posted comments. The internet then explodes.
Anonymous is the default account name here, it’s not a single person.
Who cares? There is one or more Anonymous’es who keep engaging in heated conversations with many of the regulars here :)
Hahahaha… spot on
If browser extensions are going to be a web standard, I don’t doubt Firefox will adopt Manifest v3, considering that Google controls W3C and Mozilla.
There are still lots of older ftp archives (linked from webpages) for OSes such as DOS and others. Lots of older non-app ftp archives too for things such as MODs, midis, and many other formats.. Google’s mindset on ftp has been evident for many years: search would no longer (or very rarely) display older sites that linked to ftp archives.
I used to publish small utils on DOS-based archives (such as Simtel; mirrored in many places). Even when I uniquely identify the file listing, these files (often linked to via numerous older webpages) never display.
Since there are better standalone ftp, sftp tools available, browser support isn’t a huge deal unless you regularly visit older pages that link to ftp resources (like the examples given above).
> Discussions about ending FTP support date back to 2015 when Google and Mozilla engineers started to discuss the removal of FTP from the Chrome and Firefox web browsers.
This. This irks me to no end. Google is killing the old web. They decide they want to kill ftp too. Mozilla’s response: yes, master.
Everyday there are less and less reasons to use firefox. It’s 100% Mozilla’s fault. Not too long ago Mozilla also killed built-in RSS rendering. Mozilla seems to want to become as generic as Chrome is.
Honestly beginning to feel that the Brave browser is becoming the browser Mozilla always pretended to be. You cannot serve two masters: it’s either Google or security/privacy. Brave is, at least, independent and fighting to keep it that way.
On my company PC I can’t install FileZilla nor anything and relied on the FTP feature of Firefox, hoping for FTPS to be implemented someday. Disappointed.
“Mozilla could have opted for implementing support for secure FTP in Firefox; a bug was filed 19 years ago to introduce support for SFTP in Firefox but nothing ever came out of it.”
“The main reason why FTP is being removed is that it is considered insecure but Google’s decision to remove support from Chrome certainly played a role in Mozilla’s decision to remove support as well.”
This sums up how Mozilla
Well, first I thought “what a pity” but then I realized I didn’t need that feature for years now. Browsing FTP directories for downloads has died. I don’t know any site that would require FTP support. Well and if really needed, I have an FTP client installed for homepage updates anyway.
“Insecure” has now become a synonym for “open” and “free” (as in “free to use”).
The Mozilla Browser… everything you need in one box… going, going, gone.
Once Mozilla blew up to a giant organisation with scores of people doing nothing in bullshit jobs it was over. FTP being “insecure” is such bullshit. Now they need Google’s money to keep this apparatus running and will do anything their financial master demand.
I would really like to have a detailed breakdown of the jobs within Mozilla org, how many are actually coders?
From the mid-seventies, up to now I still prefer a standalone for FTP.
Right no the free 64-bit version of FileZilla v. 22.214.171.124 (Release date ‘-20-03-11) does the trick for most of the jobs.
It’s a real shame that only the FileZilla Pro offers the much needed additional protocol support for WebDAV, Amazon S3, Backblaze B2, Dropbox, Microsoft OneDrive, Google Drive, Microsoft Azure Blob and File Storage, and Google Cloud Storage. Maybe someday this will be also offered in the free version.
I will really like to here somebody who knows another FPT program which free version will offer all functions named here above?
I’m not really happy about this, it could cause a lot of irritation and annoyance, because of the inconvenience this poses. Switching to another browser, simply to make an ftp upload or download does not exactly foster good relations between the users, and the Mozilla developers.
They say, that the protocol is inherently insecure … well as such, I think everyone instinctively knows what that means, judging from the comments on this page.
So what is the solution ?
Is there such a thing as an ftp transfer addon or plugin ? bearing in mind, this could be even more insecure than the native Mozilla protocol, this is probably not a good idea.
Switch to another browser which does not have this restriction ? … well you could, but its a damn inconvenience, just to complete a transfer, you find yourself thinking, I have to have two browsers open to maintain the range of capabilities, which were previously available to me in one browser !
These sorts of measures seem to be part of an incremental, creeping, encroachment, slowly removing what many users have taken for granted for many years, and it begs the question, why ?
The short answer is Money, Power, and Influence, and in this instance you can probably lay the blame at Google’s feet, one of the reasons why I De-Googled my internet life a long time ago, perhaps you, dear reader, should do the same. If the great Satan is not supported it will die … right ?
While you’re at it, why not look into using Linux as an alternative OS ? The subject covered here has absolutely no relevance to Linux users. Linux comes complete with “wget” which is an ftp transfer programme used in the terminal. Wget has always been supplied with Linux as a standard, and as far as I am aware, there are no plans to remove it from any distribution.
Linux is not commercially driven, at least, not where the desktop user is concerned, so if you all continue to support the likes of Apple, Microsoft, Google, Amazon et al, then you can look forward to a future, where you are robbed more and more, for less and less, as it is taken away from you.
In Linux there are several ways to skin a cat, in mainstream operating systems … considerably fewer.
I wonder to what extent, our use of the internet will be restricted, ten years from now ?
Peter Newton [London UK]
File Transfer Protocol (FTP) is an error-free, session-orientated protocol that uses TCP ports 20 and 21. Other similar protocols include TFTP (Trivial File Transfer Protocol) and SFTP (SSH File Transfer Protocol).
The main reason standard FTP can be considered “insecure” is because it doesn’t encrypt usernames or passwords; it sends them in clear text, i.e. plain text thus authentication and does not use encryption.
Someone who sniffs your mail server might read your private mail, but someone who sniffs your FTP password can deface your website, etc. The files themselves are uploaded or downloaded without any encryption at all. There are also other risks with the transferred data “straying”, etc.
Data sent via FTP is vulnerable to sniffing, spoofing, and brute force attacks, among other basic attack methods. Files are not only sent in plain text they are also not protected against “modifications” such as Man-in-the-middle attack.
FTP was NOT built to be secure.
All those unproportionally irrelevant and totally unsubstantiated (bs!) comments on EVERY article, are really disheartening. I don’t know how Martin keeps on writing quality articles considering the circumstances, i honestly wouldn’t.
Guys, try focusing on the subject, comment on-topic and be humble. For once!
Wait . . . wait, wait, wait. Does this even matter? I realized that most users I know use “Everything” by David Carpenter from Void Tools–keeps it updated, etc. Isn’t there an option to “Connect to an FTP server”?
Likewise, most users start the program for the tray during boot or sometimes place a link in the Context Menu.
I don’t know.
Published 4/13/2020 on Mozilla Addons blog site – What to expect for the upcoming deprecation of FTP in Firefox
Mozilla plans to “deprecate” FTP support starting possibly with Firefox 79
deprecation of ftp support in Firefox has been postponed…maybe until early 2021.
I CAN still access FTP sites in a recent Firefox 82 beta build that I’m currently beta testing
Just use an FTP client.
Being that both Chrome and FF have dumped FTP access, it’s time for you to review FTP clients.
I have a website that includes over 10,000 FTP links. I really don’t know what to do at this point. They can’t all be changed to http: because some of them are links to directories where users can get a file list and download the desired files. This page illustrates the magnitude of the problem:
I only noticed yesterday that Firefox had dropped FTP support; for now all I have is a warning page:
It seems that either thousands of websites and potentially millions of links will have be changed, or else thousands or millions of users will have to install ftp helpers on their computers. And for Windows 10 that would be… wget? FileZilla? Needless to say the FTP client that comes with Windows doesn’t work for this.
In other words, thousands or millions of people will have spend time on this because Mozilla decided to remove something (anonymous ftp) that did no harm, required zero “maintenance”, and has been fundamental fixture of the Internet for 50 years (since it was called the ARPANET), mainly just because it’s “old”.
Would ya look at that, ForSecurityReasons™ strikes once again.
Dear software developers: if you want people to update, stop breaking stuff!
What is my first experience with the new version? First of all, I am thankful for the useful improved about:performance page. But it would not take long until problems began.
The existing places.sqlite file is incompatible and was automatically renamed to places.sqlite.corrupt. Wonderful.
SoundCloud stopped working due to some CORS blah blah blah error!
The useful search feature that searches within my installed add-ons has also been removed. Apparently too many people whined that it be “bloatware”? Looks like someone filed this at bugzilla 1499500 some time ago, but no one at Mozilla tried to fix this simple thing.
HAR files created from the web developer tools are no longer listed in downloads and no longer named automatically. It’s these small adverse changes that make the experience bitter.
They have removed RSS / Atom citing underusage. Is this the purpose of these shady telemetry features? So they can find useful stuff to remove?
And after few minutes, the new Firefox crashed as well, whereas I had no crash with the old version for months! The crash with the new version just happened this once since the update, but still, this is no good sign.
See? This is why people are reluctant to update their software. Because if it works, there should be no need to update, but then crappy JS libraries like React break compatibility (wouldn’t have happened if sites used progressive enhancement like Wikipedia/MediaWiki does), so we are forced to upgrade with the possibility of encoutering new, very much welcome (sarcasm) problems.