How To Prevent Cross Site Scripting (XSS) and Click Jacking
Internet Explorer 8 offers this protection right out of the box, and turned on by default.Internet Explorer 8 includes a cross-site scripting filter that can detect these types of attacks and disable the harmful scripts.This is probably one of the most important improvements in IE 8 is its defence against cross-site scripting (XSS) attacks.
All the XSS filtering will take place inside IE’s rendering engine.When IE detect the attack, it will refuse to execute the related script code and alert the user that an attack has been blocked.
You can do download NoScript from here. The add-on will display on your status bar. It gives options to you to allow or disallow scripts. See below.