I will get right to the point — have you ever used a file url (file:///) ?
Probably yes, to open a locally stored compatible file in the browser—like html, png, pdf.
But the W3C doesn’t want you to work this way. Talk to W3C veterans and they’ll tell you file:/// is a security problem.
Challenge this assertion or ask for a demonstration and the matter is quickly dropped, because while in the past there were problems with file url, all the browsers disabled the vulnerability long ago.
A Little History
And yes, the name of one of the authors is Mr Tim Berners-Lee!
So why would W3C veterans ritually condemn a spec created by their fearless leader?
The plot thickens…