I am beta testing Firefox 2 on one of my machines, and will be writing about the new JavaScript 1.7 in a post over at ScriptTeaser. One of the advantages to Firefox 2 is the spellchecker, which works with all text windows. It really is the way to go, rather than have to enable the functionality on every server.
Most of my Firefox extensions don’t work with 2.0b, but one that does is the NoScript, which allows you to ‘whitelist’ a site for JavaScript use. The purpose is to protect yourself if you end up at a site that has a JS exploit, but still allow JavaScript usage for trusted sites. Unfortunately, if a whitelisted site also has an opening for a cross-site scripting hack, exploitive JavaScript can be ‘injected’ into the page.
One can always turn JS off, but that just cuts you off from the useful to frivolous use of scripting that is pretty ubiquitous now. Still, it’s an option.
I like to use NoScript, as I like to see how sites look when their JavaScript is turned off. After all, sites need to make sure they work in a non-script environment. Home pages such hotels.com, shown below, are unacceptable–the mark of sloppy developers far too hung up on technology. Note to the company: Expedia’s worked fine without JavaScript.