XSLT deprecation in "Site compatibility-impacting changes" (#3775)

* XSLT deprecation

* Fix typo in deprecation notice for XSLT in site-impacting changes document

Author: captainbrosset

microsoft-edge/web-platform/site-impacting-changes.md

@@ -36,6 +36,7 @@ This table lists high-impact changes which the Microsoft Edge team is tracking c
 | --- | --- | --- |
 | Insecure downloads over HTTP | Future release (TBD) | When a user tries to download potentially dangerous content from an HTTP site, the user will receive a UI warning, such as "Insecure download blocked."  The user will still have an option to proceed and download the item.  Admins can use the `InsecureContentAllowedForUrls` policy to specify HTTP sites for which the warning will be suppressed.  Admins can use the `InsecureDownloadWarnings` feature flag to test the impact of this upcoming feature. |
 | Deprecate unload event | Future release (TBD) | Introduces a new Permission-Policy to allow creating unload event listeners. The default policy is `allow`, but the default policy will gradually be migrated to `deny`, such that unload handlers stop firing on pages, unless a page explicitly opts in to re-enable them.  This change is happening in the Chromium project, on which Microsoft Edge is based.  For more information, see [Intent to Deprecate: Deprecate unload event](https://groups.google.com/a/chromium.org/g/blink-dev/c/dvusqw9-IhI/m/SBkm_u1RAQAJ). |
+| Deprecation of XSLT | Future release (TBD) | XSLT support represents a disproportionate attack surface, and the Chromium project which Microsoft Edge is based on has announced plans to disable and ultimately remove XSLT in a future release. See [Removing XSLT for a more secure browser](https://developer.chrome.com/docs/web-platform/deprecating-xslt). As a result, you should treat reliance on client‑side XSLT as technical debt and plan migration accordingly. Microsoft Edge version 147 introduces the XSLTEnabled feature policy to support testing and transition scenarios while the Chromium project works toward deprecating and removing XSLT support. We encourage organizations to proactively test setting `XSLTEnabled = Disabled` to identify application dependencies and remediation requirements ahead of any future default changes or removal of the feature. |
 | Remove inline XSLT for production of SVG | v147 | Support for using XSLT stylesheets to transform XML data into SVG files has been removed.  See [Remove inline XSLT for production of SVG](./release-notes/147.md#remove-inline-xslt-for-production-of-svg) in _Microsoft Edge 147 web platform release notes (Apr. 2026)_. |
 | JPEG or PNG embedded in BMP | v145 | Support for embedding JPEG or PNG image data in a Bitmap image format is nonstandard, and has been removed.  See [Remove support for Bitmap extension to embed JPEG or PNG](./release-notes/145.md#remove-support-for-bitmap-extension-to-embed-jpeg-or-png) in _Microsoft Edge 145 web platform release notes (Feb. 2026)_. |
 | Externally loaded entities in XML parsing | v144 | Synchronous fetching of external XML entities/DTDs, which are then used when parsing under specific circumstances, has been removed. See [Externally loaded entities in XML parsing](./release-notes/144.md#externally-loaded-entities-in-xml-parsing), in _Microsoft Edge 144 web platform release notes (Jan. 2025)_. |