I've been using Mozilla (on Win32) since at least 0.9.4, and aside from it getting quite stable now (at 0.9.9), it allows one to disallow javascript to set and/or read cookies. I believe this addresses the security issue which Petruchio's demo illustrates.

..Jon