The reason for downloading a file is that we would only want to serve the web-based setup page by https for security reasons. However, the Photon setup uses http. Most browsers disallow http requests from https pages for security reasons.
(Even though the Photon setup uses http over an unsecured Wi-Fi network, the Wi-Fi password is encrypted by the Javascript to prevent it from being sniffed.)