It was a feature of IE5.

I updated an XSLT system to work with then latest Firefox a couple of years ago. We have scripts in a different directory to the documents being transformed which requires a security setting to be changed in Firefox to make it work, I don't know if an equivalent thing is needed for Chrome.