NoScript might sounds like bazooka aproach, but you can find out it stops a lot of this and other problems.
Homepage https://noscript.net/ defines it as
The NoScript Firefox extension provides extra protection for Firefox, Seamonkey and other mozilla-based browsers: this free, open source add-on allows JavaScript, Java, Flash and other plugins to be executed only by trusted web sites of your choice (e.g. your online bank). NoScript also provides the most powerful anti-XSS and anti-Clickjacking protection ever available in a browser. NoScript's unique whitelist based pre-emptive script blocking approach prevents exploitation of security vulnerabilities (known and even not known yet!) with no loss of functionality...
by default, it will disable JavaScript from untrusted sites completely (sometimes even replacing it with surrogates so page navigation continues to work), but even for trusted sites with JS enabled it will still offer many different protections.