Ok, here's my take
NoScript website is here
NoScript - JavaScript/Java/Flash blocker for a safer Firefox experience! - what is it? - InformAction
If you read through you can find that NoScript offers the following features
- Scripts protection
- XSS Type 0 (DOM based) & Type 1 (Reflective) attacks
-
CSRF
-
DNS rebinding attacks
-
HTTPS cookie hijacking - 100% HTTPS at all times is the best way to prevent this type of session hijacking. You can also leave the session cookie unsecure to maintain the session, and have a second (HTTPS only) cookie to handle the authentication. It's a good way to separate the two concerns maintaining the session and authentication, even when using HTTPS all the time
-
Application Boundaries Enforcer (ABE) - hardening the web application oriented protections already provided by NoScript, by delivering a firewall-like component running inside the browser i.e. to protect web browser plugins from being exploited. It’s similar to the dynamic filtering panel in uBO, to set per-site rules.
- Clickjacking (aka UI redressing or IFRAME overlay) – protects against iFrame-based attacks and cursorjacking
Now, here are the current protections offered by FF Quantum (also for Chrome browser)
- CSRF/XSRF (cross-site request forgery). Disabling 3rd-party cookies helps in preventing CSRF
- Reflective XSS (cross-site scripting)
- Clickjacking
(aka UI redressing)
Security/Features/XSS Filter - MozillaWiki
So, if you'll to compare NoScript vs FF Quantum you can see that FF Quantum do have some features of NoScript.. The main strength in NoScript is its very customizable blocking of scripts on per site basis. This you can also achieve using uBlock Origin(in medium mode)/uMatrix or any extension with script blocking capability e.g. No-Script Suite Lite
There are many former users of the old version of NoScript who are not happy with the new webextension verison of NoScript for some reasons and have migrated to using uBO(in medium mode)/uMatrix instead
In addition, script blocking through micro-managing per site basis takes a lot of time and effort. Can you imagine micro-managing 200 sites? Do you want to spend your time doing it or rather surfing the net?
The best I can think of in using NoScript is to use its other features (if possible) and disables the script-blocking feature just like using other extensions with script-blocking capability. I just turned this feature off.
Or you can don't use NoScript (except for DNS rebinding attacks) if you'll to use
uBO(in medium mode)/uMatrix or any extension with script blocking capability + NetCraft extension which offers XSS protection + only surfing HTTPS sites + those protections mentioned above that come with FF Quantum