NoScript

简介:

最大限度地保护您的浏览器：NoScript 只允许您选择的信任域名显示活动内容，以防止漏洞利用。

Winner of the "PC World World Class Award" and bundled with the Tor Browser, NoScript gives you with the best available protection on the web.

It allows JavaScript, Flash, Java and other executable content to run only from trusted domains of your choice, e.g. your home-banking site, mitigating remotely exploitable vulnerabilities including Spectre and Meltdown.

It protects your "trust boundaries" against cross-site scripting attacks (XSS), cross-zone DNS rebinding / CSRF attacks (router hacking), and Clickjacking attempts.

Such a pemptive approach pvents exploitation of security vulnerabilities (known and even unknown!) with no loss of functionality where you need it.
Experts do agree: your browser is really safer with NoScript ;-)

FAQ: https://noscript.net/faq
Forum: https://noscript.net/forum