Yes, you can, when using Safari (other browsers untested). It requires installing Java, activating Java for browsers (the plugin), the activating it in the browser (Safari: Preferences > Websites > Java, keep it off for other websites, but allow it for specific/currently open sites (Ask/Off/On).
You can turn off Java in the System Preferences Pane at any time. You can turn off Java in the browser’s preferences at any time. You can turn on Java for local programs, but keep it off for internet. You can set ‘Enhanced Security Restrictions’. Quite flexible, just don’t keep it on because you forgot it.
The Java that Apple supplied (up to v6, now called Legacy) was not inherently safer than Oracle’s Java (v10 now); it needed the same security patches as other platforms. The cool thing about Java is that a programmer can easily ‘port’ their code to any platform that works with Java. The downside is the number of vulnerabilities found, designed to bypass security measures and execute arbitrary code on behalf of others (e.g. be part of a botnet).
There is no such thing as a safe site w.r.t. Java: the owner of the compromised site is generally a victim too. That makes the Allowed-list a bit awkward. That’s why there are Java certificates, a bit like SSL certificates and Mac identified developers, so that the authenticity can be verified with a ‘circle of trust’: once revoked, the certificate is revoked on every check from then on.