Not sure if it's what you meant, but NoScript seems to do just that : disable
by default and temporary allow a page when requested.
Regarding JavaScript, I still wonder if Firejail is good enough as a defense.
To my understanding, JS can collect data (nothing Firejail could do about it,
But NoScript can to some extent), and run code on the Browser, and on the
computer (but I'm really not sure about the latter).
From there, since Firejail (with an option) can limit access to the computer
from outside to only one folder (which can be empty or not). So in theory the
PC is safe, but the browser? Not so, I guess.
Assuming my rambling above is true, I wonder how to protect the browser. But
I'd needto understand the threat first.
