I found this information at Configurable Security Policy while searching to disable a onkeypress event for a site. Here is the memo I want to share.
Add this in your user.js.
user_pref("capability.policy.policynames", "nojs");
user_pref("capability.policy.nojs.sites", "http://site.com");
user_pref("capability.policy.nojs.javascript.enabled", "noAccess");
the user.js/pref.js in firefox is located in ~/Library/Application Support/Firefox/Profiles/xxxx.default if you’re using a MAC OS.