NoScript notifies you about blocked script tags (<script>) and other active content using a standard "Popup blocker" style messages (you can easily customize or disable it).
You can customize almost everything in the appearance of NoScript.
Embedding options allow you to block Java, Flash, Silverlight, and other plugins, as well as page elements such as audio or video tags, IFRAMEs, FRAMEs, fonts, and WebGL.
You can set extra restrictions for untrusted sites, like preventing automatic page refreshes and redirections.
NoScript contains world-class filtering to protect you from cross-site scripting attacks.
NoScript offers several features to help using HTTPS in a more effective way, for example by enforcing SSL on sites of your choices or allowing scripts served from secured origins only.
The Application Boundary Enforcer (ABE) module is a very powerful rule engine designed to protect sensitive web applications from attack. By default, it protects your local network and router, but you can write your own rules to protect any website you wish.
NoScript features ClearClick, the only effective client-side protection against Clickjacking attacks.