Anyways just use NoScript addon with Firefox.
The problem with NoScript is the assumption that all Javascript is bad. Its approach is to kill Javascript completely on every web page by default. This breaks the functionality of countless web sites right out of the box. Then if you find a web site that you go to doesn't function without Javascript, you need to add it to your whitelist. Not a great plan. (Not to mention inconvenient)
The fact of the matter is that the majority of the problems stem from scripts that aren't hosted locally. Meaning, basic web site functionality is almost never the security issue. Who would be stupid enough to make it so easy for people to determine where they picked up the bad code?
No, the big problem is scripts hosted elsewhere. Scripts that the page author can then use the defense, "But I had no control over that script! It was an externally hosted ad banner, go after those guys!"...
A better alternative to to NoScript is using AdBlock Plus and using a simple filter.
*$script,third-party
This blocks all third party code, yet doesn't break normal web site functionality. Then if you encounter a site that has third party scripts that you wish to run, you can whitelist the external code by altering the filter.
*$script,third-party,domain=~whatever.com
(Note that I've never found the need to whitelist any third party scripts in the year or so that I've been running this filter)
This allows third party scripts to run on that domain only. (Add more domains by using the | separator)
Not to mention that the author of NoScript did some rather shady tampering with another popular extension through a "patch" that he applied to NoScript. This subsequently made the Mozilla folks change their extension policy to help ensure this doesn't happen again. Up until that point they had been allowing NoScript to update the extension without Mozilla previewing the code first due to its "trusted" status. Pretty cool for someone writing a so called "security" extension, no?
Author