Illustration by Mark Todd In May, Web security consultant George Deglin discovered a cross-site scripting (XSS) exploit that involved Facebook’s controversial Instant Personalization feature. The ...