Enable the developer menu in Safari and assign a keyboard shortcut to the JS item. Done :-)

The Develop menu in Safari helps enable keyboard shortcuts that can be used in Firefox? Please say more.

It would be cool if I could enable js on a per site basis

One word: uMatrix. NoScript lacks control on per-site basis, but is still ok.

IIRC, Noscript had per-domain JS controls before Umatrix existed.

But lacked fine grained control, at least the last time I used it. With uMatrix I can tell the browser to disable something (cookies/script/frames/media etc.) here but keep it enabled else/everywhere and the other way around. It gives the finest possible control but of course requires some time to whitelist the good stuff on new pages. A minor annoyance compared to the control it offers.

I wish it allowed for even finer control, though. What if it could prevent one specific function from running? Or replace tracking functions with no-op ones? Or hook into HTTP APIs in order to let you audit, modify or interrupt communications?

I guess you could use GreaseMonkey for that, though I can't imagine how you could keep track of everything. Might be useful for smallish modifications though.

Yeah, noscript is pretty powerful.

The biggest difference between the two, in my experience, is UX. uMatrix is the best UX for a content blocker I've ever seen - very intuitive and simple.

Unlock Origin in advanced mode can do it, so can Noscript.

NoScript add-on is fantastic.

> enable js on a per site basis

uBlock Origin, check I'm advanced, block whatever you want per site, click save button

You can with NoScript.

Vouching for uMatrix here it's super useful

> each of which is one key and one click in Safari

Safari user here. Which key and which click is that?

Key combo Cmd-,

(That’s command comma. Which I described as one key, cheating slightly, but hey they are so close to each other.)

Preferences panel comes up.

If you leave it on the security tab, the checkbox comes up. Uncheck it and now the site is usable without JS.

Another click on background or Esc to dismiss the dialog if you want to, but for some things that’s not even needed (therefore I claimed that low click count... ymmv).

the problem with using a plugin for something like this is that as soon as the plugin becomes popular enough, a third party purchases it from the original developer and adds a bunch of telemetry. stylish is a recent high-profile example, but it happens to small, benign-looking extensions even more often.

the problem has gotten so bad that i no longer use the plugin "store". i only install plugins that are open source, and only by building the source myself... meaning i miss out on automatic updates (but at least i know my plugin isn't spyware!).

it sucks.

It is also difficult to see which extensions have been granted what permissions. Right now I’m sticking with known extensions but maybe I should be compiling my own

There used to be plugins for almost anything. Then most of the powerful ones were kneecapped because of some bad actors. The new system is a joke.

I don't know, I kind of like it. I was writing a simple webextension within hours. Good tutorials etc.

New api functions are coming all the time as well. Its not yet as powerful as the old system but is there any reason to believe it will never be?

Literally yes, it will never be that powerful, and that's intentional. The old way was so powerful, able to do anything, because well, it basically just ran your addon in the core browser's execution context. Way too scary to give add-ons that much power.

However I genuinely do want stuff that isn't yet implemented. For example I want add-ons to get access to Firefox's copy of the Public Suffix List, which is what you usually wanted when your add-on actually just treats TLDs as special. I just this evening sent a PR to PassFF, a popular password manager to do something crude as a stop gap while we wait to access the PSL via Web Extensions.