Using webkitdirectory in Chrome, there is a warning message that appears. The message reads: "Upload [number of files] files to this site? This will upload all files from [directory name]. Only do this if you trust the site."

This started just recently in Chrome version 66.0.3359.139 as a new security feature. In previous versions of Chrome, you could socially engineer a user into holding the enter key and upload their whole home folder to any malicious site of choice. (You can read more details about this here.)

Since this is a security feature, it's not likely to go away any time soon. It's probably not the most ideal way of making users aware of this issue, and you might even say that it protects against a far-fetched idea of an attack, making legit applications put up with bad user experience with a disregard for UX considerations.

The best course of action for you, as a site owner, would be to inform your users of this new popup that they will likely see in the future as Chrome updates are being deployed constantly and prepare yourself for a number of e-mails and inquiries about this problem.