SoylentNews is people
SoylentNews
Currently people can access FTP list and download resources hosted on FTP servers in Chrome through FTP URLs, but this may not work anymore in the near future. In a post published by Chrome engineers, there is a plan to deprecate FTP support in Chrome version 82.
The major motivation for this deprecation is that Chrome doesn't have an encrypted FTP connection support(FTPs), this raises security risk of downloading resources over FTP. Since users can access FTP URLs and download resources, there is no encryption of the data which indicates any sensitive information would be exposed to middle man attack. There are other vulnerabilities as well.
[...] The deprecation will start from Chrome version 82 planned to be released in 2020 Q2.
This discussion has been archived.
No new comments can be posted.
Google Plans To Deprecate FTP URL Support In Chrome
|
Log In/Create an Account
| Top
| 37 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
In Tulsa, Oklahoma, it is against the law to open a soda bottle without
the supervision of a licensed engineer.
(Score: 4, Interesting) by SomeGuy on Monday August 19 2019, @02:55PM (15 children)
FTP was one of the standard applications of the Internet TCP/IP protocol suite, pre-dating the web.
Browser based FTP was never on-par with proper FTP clients. Proper FTP clients usually included features such as hierarchical browsing, drag and drop, multiple file selection, managing multiple downloads, wild card selection, and more.
Still, it was often handy to be able to just click a link in a web browser instead of installing a separate client.
One could even serve up HTML pages using FTP. Back when web servers were new, expensive, and buggy, that was not such a nuts thing to do. Still useful for readmes or such. However Firefox will be removing support for that specific ability:
https://www.fxsitecompat.dev/en-CA/docs/2019/all-ftp-resources-are-now-downloaded-instead-of-being-rendered/ [fxsitecompat.dev]
On the flip side, FTP was sort of a goofy protocol. It was always such a headache getting clients connected when there were proxies or firewalls involved.
Trying to automate anything via FTP was always a headache, as it was not a very robust protocol. Something failed and you often wound up with a zero length file and no error response returned.
Lack of encryption? Cry me a river. Filezilla has supported encrypted FTP for ages. They can implement a full media player in a browser but not some file transfer protocol? What a world.
(Score: 1, Informative) by Anonymous Coward on Monday August 19 2019, @02:59PM (8 children)
You talk like it's ancient history. FTP isn't dead, yet.
(Score: 4, Informative) by DannyB on Monday August 19 2019, @03:06PM (6 children)
The FTP client is dead. Corporate IT departments reject its installation. Why? Because Source Forge in their infinite wisdumb packaged the FTP client for Windows with an installer that "bundled" all kinds of sharknado goodfulness. The FTP client wasn't the only software that they provided this crapware delivery service for. Oh, and why? Because --> Advertising! The evil that will destroy the intarweb tubes.
Wha, wu, wuh's that? Other FTP clients you say? Are there actually any? For Windoze?
Or you could just not use FTP servers, and use WinSCP clients.
The lower I set my standards the more accomplishments I have.
(Score: 0) by Anonymous Coward on Monday August 19 2019, @03:27PM (3 children)
Not sure if there's snark here or not... Never heard of Filezilla, CoreFTP, or CuteFTP? Not to mention WinSCP itself does in fact do FTP.
I will be pleased to know that I don't have to worry about my one inbound and two outbound SFTP streams anymore since FTP is dead. ;)
(Score: 2) by DannyB on Monday August 19 2019, @03:40PM
I was referring to FileZilla.
I did not use any <no-sarcasm> tags.
The lower I set my standards the more accomplishments I have.
(Score: 3, Informative) by Pino P on Monday August 19 2019, @03:41PM
When SourceForge was owned by Dice Holdings, it distributed FileZilla and a bunch of other FTP clients with "DevShare" adware attached to them. This practice lasted from mid-2013 to early 2016 and ended when BIZX took over SourceForge and Slashdot.
(Score: 2) by Runaway1956 on Monday August 19 2019, @04:24PM
Sadly, if I were to mention FTP to our "IT" guy, he would be likely to get a blank look on his face. I'm pretty sure that he doesn't know what any of those clients are for. Word comes down from corporate that "We are installing blah-blah security suite, which will be pushed to all company computers next week. Please let us know of any problems." Then, 4 months later, blah-blah security suite disappears because the un-install has been quietly pushed, without any announcements. It was obvious from day one that blah-blah security suite brought the best machines to a slow walk, and older machines to their knees. And, the IT guy? He only knew that he couldn't load his internet games, and vidyas. Didn't have a clue what was happening.
(Score: 3, Insightful) by Thexalon on Monday August 19 2019, @03:30PM (1 child)
Last I looked, WinSCP clients can in fact work with FTP servers.
The only thing that stops a bad guy with a compiler is a good guy with a compiler.
(Score: 2) by DannyB on Monday August 19 2019, @04:31PM
If I had an FTP server, I might have discovered that. I've only used SSH / SCP to transfer files between locations, and across OSes for a long time. On Windows WinSCP, just because. And PuTTY, just because. But on Linux, I find that the standard common terminal application can run the ssh command, and most common Linux GUI file managers can take a URL to "mount" a remote directory using nothing but the SSH server on the remote machine.
oh, and the only Linux machines have SSH. From the one and only one Windows machine that I use, but don't own, I would not even try to run an SSH server.
The lower I set my standards the more accomplishments I have.
(Score: 4, Interesting) by SomeGuy on Monday August 19 2019, @03:17PM
No, but there are a lot of people that would love to kill it. And this change by Google is a step in that direction.
One thing that FTP can do that "web" shit still can't is upload large files. HTTP submit forms crap out with files over a certain size/time taken and they have no way to pause resume or otherwise manage the transfer. But now that I think of it, I'm not sure web browsers even support uploading via FTP. I seem to recall IE used to offer some Active X add on that embedded an enhanced FTP client as if it were part of the browser, but obviously I never used that.
It will be interesting, Google's search engine still indexes FTP sites. Will this also change? Ah, the good old days of searching for a file name and "Index Of" to find a download without log-in restrictions or insane advertising. (The comments about promoting advertising are quite right)
(Score: 2) by JoeMerchant on Monday August 19 2019, @03:19PM
In the 1980s, I used Kermit file transfer to download update components for our CAD/CAM system from the manufacturer... why don't we have full featured Kermit support in our browsers?!!!?! /s
On the slightly more serious side, I would really like to see a "developer mode" checkbox within Chrome that at least retains whatever FTP support they do have - protect the innocent and naive from accidentally exposing their privates via FTP, but keep the feature for people who are determined to use it. There are still plenty of places which are only accessible via FTP.
🌻🌻 [google.com]
(Score: 3, Informative) by JoeMerchant on Monday August 19 2019, @03:40PM (2 children)
Jerry McGuire: SHOW ME THE MONEY!!!!
Where's the ROI for supporting a niche protocol used by a small number of professionals who are all going to point to FileZilla as a superior solution anyway no matter how good a job you do adapting the browser to it?
Interesting would be to somehow integrate FileZilla as a helper app within the browser, leveraging their code and development and somehow gaining ease-of-use through integration.
🌻🌻 [google.com]
(Score: 0) by Anonymous Coward on Monday August 19 2019, @04:36PM
"somehow gaining ease-of-use through integration."
What would a hybrid of an Amoeba and a Pig sound like?
(Score: 2, Insightful) by Anonymous Coward on Monday August 19 2019, @04:46PM
The real issue is that Indian/Google software is such a rat's nest that half of it breaks any time they touch anything. Otherwise, work that was already done, like FTP support is done, could stay done.
(Score: 1, Funny) by Anonymous Coward on Monday August 19 2019, @04:31PM
Dafuq are you talking about? Proper FTP clients had hash, mget, binary and get foo "|more
(Score: 2) by Username on Monday August 19 2019, @10:38PM
>Trying to automate anything via FTP was always a headache, as it was not a very robust protocol. Something failed and you often wound up with a zero length file and no error response returned.
What I did was create a MD5 hash index of all files located on server, filename|hash format inside. Then when the file was downloaded you could parse it for the file name and trim for last 32 char for hash, then check hash, and redo until 3 fails or matching hash.