The Feature for Secure Processing has been designed to align with the Java Security Manager. Specifically, when a Java Security Manager is present, the Feature for Secure Processing is always on and cannot be turned off, which sets restrictions and limits to the XML processors.

As the Java Security Manager is to be removed, in accordance with JEP 411 ( https://openjdk.java.net/jeps/411 ), we shall evaluate whether the Feature for Secure Processing should be turned on for all XML Processors to enforce restrictions and limits by default.