That’s definitely something worth considering.
For what it is worth, xdg-desktop-portal's URL/file opener service pops up a confirmation dialog when used (along with an option to always allow the given application to open URLs/files). This also has the benefit of letting the user know which application caused the web browser to open / gain focus.
Given that we (the desktop team) want to make xdg-desktop-portal available to snaps, I do wonder whether we should consider migrating to it as the default solution. It is not at all clear that there is a need for something that will work outside of a desktop session, or what kind of semantics would make sense there. It certainly isn’t a use case that apps would expect to work outside of the sandbox.