allow stylesheets to read and write files in the site directory

[xworld21]

trafficstars

Small functionality ~~& security improvement~~, while working on #1948: stylesheets can read (via document()) and write (via <exsl:document>) files. This PR ensures that read/write operations happen in the site directory.

~~For security, operations are also restricted to the site directory, and network access is disabled.~~

Edit: this fixes #2053 in so far as letting exsl:document() write files in the correct place. My sandbox question in #2053 should rather be part of #2218.

[xworld21]

I have removed the libxslt security callback stuff, and kept this PR at a minimum: the point is, XSLT.pm is supposed to run in the site directory, because stylesheets can create additional files via exsl:document() (that could be very convenient to generate additional manifests, search indexes, custom EPUB tocs, etc). Simply changing directory is not controversial, I hope.

The security callbacks will reappear in the --recorder PR.