> Isn't the origin of the script = the webpage I'm visiting?
No. A lot of scripts come from a CDN, or from an external API (e.g. ajax.googleapis.com, which is one of the more common ones).
> But you also write about an option for injecting one's own JS instead, right?
That's unrelated to my proposal. It's one of the things that would be necessary for JavaScript on the Web to actually be acceptable. My simpler proposal is just designed to make it feasible to disable JavaScript for non-technical users. It's a step toward eliminating JavaScript, rather than attempting to fix it.
