Firefox remains my primary web browser of choice, principally because of the privacy extensions available, the most important of which are Cookie Monster and NoScript. But I’ve been frustrated by their limitations — I don’t want to just blacklist and whitelist, but to conditionally allow select 3rd party cookies to be set and scripts to be run depending on what the page is and what the 3rd party is. I want to be able to say that for paypal.com, requests to paypalobjects.com should be treated the same as paypal.com without globally whitelisting paypalobjects.com.
So I’m mortified it took me so long to find out about RequestPolicy, which simply denies cross-site requests in general unless they’re allowed, and supports allowing them on a per site basis.
It doesn’t do everything I’d like; I’d like a lot more granularity, which would require a more complex interface than its author is going for. But it’s better than anything I’ve seen.