Hi RNfromTN,
The best protection inside a browser comes from a combination of add-on's like NoScript (has not been beaten by any malcode in past, present or future) and RequestPolicy to block requests from malicious sources if any code is allowed to run.
Sandboxing is a good idea that has been taken to GoogleChrome tabbed processes in a sense, but malcode can spill over, so if code is not allowed to run it cannot break out of any sandbox!
polonus