A rather major attack vector, viruses or other malware, is through malicious use of scripts. Disabling scripts (FireFox or otherwise), including Flash and similar issues, is just rather inconvenient. And there is the issue of cross-site scripting. It has occured to me that this issue might be circumvented by writing a script/coding by programming code that does not execute the scripts, but writing a script or code that takes a SAFE code that will not execute the original script, but a safe version of the script. In other words, what is presented as a script, should be replaced by a safe script. What do you think ?