Blocking all except allowed is better, security wise, for “input” and “forward”.
As far as “output” (a.k.a. “outbound”) traffic though… It’s just inconvenient. Presumably, you trust applications running on your router, considering they are by design all “from” the router, and not 3rd party ones, so it doesn’t make sense to both have a feature enabled, and then block it by the firewall. Whether you want a feature enabled/disabled, you’d do so from just one place, instead of two. On the other hand, some features might be hard if not impossible to disable for some reason, at which point it’s handy to use the firewall as a way to block the unwanted feature
=>
It’s more convenient and just as secure, to allow all except block when talking about the “output” chain.