The Mozilla development group has released an alpha version of Firekeeper, a browser IDS/IPS that secures user browsing by detecting, warning and blocking browser based attack attempts.
It scans HTTP/HTTPS response headers, body and URLs, and has a direct implementation of Snort's pattern matching system.
When detects an attack attempt, shows an alert like the following one, allowing to block it once or permanently (or allowing it).
There is some general help about using this extension and details of how to create new rules. There is a test page too where you can try different fake browser attacks and see how it detects and warns about them.