Because we can't remember all those dirty tricks that CTFs use.
We need a place to catch' em all.
SSRF
Protocol bypass
With urllib.urlopen() in python 2, you don't have to use the wrapper "file://" to read a file.
Very handy if there is a procotol verification/validation in place.