Safari 5 was released today and following IE8's move they decided to implement what they call XSS Auditor.
According to the Safari 5 site:
XSS Auditor: Safari can filter potentially malicious scripts used in cross-site scripting (XSS) attacks.
Indeed Safari 5 does manage to block the usual
However it took me just under a couple of minutes to discover that the following bypassed the filter just fine:
"><img src=aa onerror=alert(0)
(Notice I haven't closed the tag or used quotes).