The only thing a firewall should be doing is to detect and block (D)DoS-attacks and connections to and from ip on ports you don't want or you are sure you don't need, while allowing connections from other ip's and ports you actually do need.
But outbound connections to port 80 and 443 are guaranteed to be allowed in almost every environment, and an attacker can usually control the remote server, including on which port it listens and which protocol it speaks. And an attacker could also easily disguise communication as normal http or https traffic. In addition, a protocol has been created, standardized, and implemented in all modern browsers designed to work around the annoying port blocking restriction: websockets. So can we all stop pretending that blocking outbound connections to certain ports is actually helpful, rather than just making things harder and less efficient for everyone, without posing a significant barrier to actual attackers?