The structure of the storage locations has been extended. A distinction is now made between generated and imported documents.
The generated documents are trusted and are stored in the
internal sub directory.
Imported documents, such as those added by a user using drag and drop, can potentially be security critical and are therefore stored in the
external sub directory.
If you want to take advantage of this new distinction and classify imported (external) documents as an untrusted source, the trusted storage location must be restricted to the internal sub directory.
Without changing the trusted storage location, the behavior is identical to before. Both generated and imported documents will continue to be trusted.