I don't think this would help at all. XSS attackers would just switch to things other than forms. Marking wontfix but adding to bug 301375.
Umm... I was preparing to write the patch, I regret... > XSS attackers would just switch to > things other than forms. Of course, I see it. Even so, the attacking ways should not be left.
Forcing users to click through dialogs isn't going to help security, and in fact will lessen the effectiveness of other warning dialogs. Enough sites use this in acceptable situations that it would become an annoyance instead of a useful warning.