Giorgio Maone, the author of one of my favorite Firefox extensions, NoScript, has been doing some work to extend the functionality to prevent XSS attacks. Download it, test it. It looks like Mozilla is going to make some changes to their parser to limit the potential for XSS attacks too!

If you don't know what NoScript is, I highly recommend installing it. It adds a slight cost to your surfing; you will need to occasionally click 'temporarily allow' on certain sites that require JavaScript and will need to 'permanently allow' some sites when you first start using it. On the other hand, it will significantly reduce your vulnerability to JavaScript based attacks, including privacy worries (like the google analytics tracking on this site :) ).