Updated the code to provide a warning message to the user when JavaScript has been disabled in the browser.

This was done in response to customers pasting the HTML for the login page into the ADA Web Accessibility Checker, and checking it against Section 508 compliance.  See: https://achecker.ca/checker/index.php

server/src/main/java/password/pwm/http/PwmRequestFlag.java

@@ -35,4 +35,5 @@ public enum PwmRequestFlag
     ALWAYS_EXPAND_MESSAGE_TEXT,
     INCLUDE_CONFIG_CSS,
     INCLUDE_IAS_ANGULAR,
+    INCLUDE_IAS_CSS
 }

server/src/main/java/password/pwm/http/tag/PwmScriptRefTag.java

@@ -59,7 +59,7 @@ public class PwmScriptRefTag extends TagSupport
             url = PwmUrlTag.insertContext( pageContext, url );
             url = PwmUrlTag.insertResourceNonce( pwmRequest.getPwmApplication(), url );
 
-            final String output = "<script type=\"text/javascript\" nonce=\"" + cspNonce + "\" src=\"" + url + "\"></script>";
+            final String output = "<script type=\"text/javascript\" nonce=\"" + cspNonce + "\" src=\"" + url + "\"></script><noscript></noscript>";
             pageContext.getOut().write( output );
         }
         catch ( Exception e )

server/src/main/java/password/pwm/http/tag/PwmScriptTag.java

@@ -60,7 +60,7 @@ public class PwmScriptTag extends BodyTagSupport
                 final String strippedTagBody = stripHtmlScriptTags( tagBody );
                 final String output = "<script type=\"text/javascript\" nonce=\"" + pwmRequest.getCspNonce() + "\">"
                         + strippedTagBody
-                        + "</script>";
+                        + "</script><noscript></noscript>";
                 getPreviousOut().write( output );
             }
         }

server/src/main/java/password/pwm/i18n/Display.java

@@ -169,6 +169,8 @@ public enum Display implements PwmDisplayBundle
     Display_WarnExistingOtpSecret,
     Display_WarnExistingResponseTime,
     Display_WarnExistingResponse,
+    Display_WarnJavaScriptNotEnabledTitle,
+    Display_WarnJavaScriptNotEnabledMessage,
     Display_PleaseVerifyOtp,
     Display_OtpRecoveryInfo,
     Display_OtpClearWarning,

server/src/main/resources/password/pwm/i18n/Display.properties

@@ -179,6 +179,8 @@ Display_WarnExistingOtpSecretTime=You have already enrolled your device on <span
 Display_WarnExistingOtpSecret=You have already enrolled your device.  You can test your current device by typing in the generated code below.  If you continue, you can re-configure your current device.
 Display_WarnExistingResponseTime=You have already setup your challenge/response answers on <span class\="timestamp">%1%</span>.  If you continue, you can re-answer your questions.
 Display_WarnExistingResponse=You have already setup your challenge/response answers.  If you continue, you can re-answer your questions.
+Display_WarnJavaScriptNotEnabledTitle=JavaScript is Not Enabled
+Display_WarnJavaScriptNotEnabledMessage=This application relies heavily on JavaScript to function properly.  While a few features may still be available with reduced functionality, it is recommended to enable JavaScript in your browser to have the best experience.
 Display_PleaseVerifyOtp=Please enter the 6-digit verification code from your device.  If your device is not configured to give you a verification code, please go back to the previous page and configure your device.
 Display_OtpRecoveryInfo=Each of these recovery codes can be used exactly one time in the event that you can not access your phone.  Be sure to <a class\="pwm-link-print">print this page</a> or otherwise write down these codes and and store them in a safe place.
 Display_OtpClearWarning=Are you sure you wish to continue?  If you proceed, your existing enrollment will be cleared and you will need to reconfigure your device.

server/src/main/webapp/WEB-INF/jsp/fragment/footer.jsp

@@ -82,5 +82,5 @@
         var dojoConfig = { has: { "csp-restrictions":false }, async:true }
     </script>
 </pwm:script>
-<script nonce="<pwm:value name="<%=PwmValue.cspNonce%>"/>" dojo-sync-loader="false" type="text/javascript" src="<pwm:url addContext="true" url='/public/resources/webjars/dojo/dojo.js'/>"></script>
+<script nonce="<pwm:value name="<%=PwmValue.cspNonce%>"/>" dojo-sync-loader="false" type="text/javascript" src="<pwm:url addContext="true" url='/public/resources/webjars/dojo/dojo.js'/>"></script><noscript></noscript>
 <pwm:script-ref url="/public/resources/js/main.js"/>

server/src/main/webapp/WEB-INF/jsp/fragment/header.jsp

@@ -64,8 +64,8 @@
             var PWM_GLOBAL = PWM_GLOBAL || {}; PWM_GLOBAL['startupFunctions'] = [];
         </script>
     </pwm:script>
-    <pwm:if test="<%=PwmIfTest.requestFlag%>" requestFlag="<%=PwmRequestFlag.INCLUDE_IAS_ANGULAR%>">
+    <% if (JspUtility.getPwmRequest(pageContext).isFlag(PwmRequestFlag.INCLUDE_IAS_ANGULAR) || JspUtility.getPwmRequest(pageContext).isFlag(PwmRequestFlag.INCLUDE_IAS_CSS)) { %>
         <link rel="stylesheet" type="text/css" href="<pwm:url url='/public/resources/webjars/pwm-client/vendor/ias-icons.css' addContext="true"/>"/>
         <link rel="stylesheet" type="text/css" href="<pwm:url url='/public/resources/webjars/pwm-client/vendor/ux-ias.css' addContext="true"/>"/>
-    </pwm:if>
+    <% } %>
 </head>

server/src/main/webapp/WEB-INF/jsp/login.jsp

@@ -23,6 +23,8 @@
 <%@ page import="password.pwm.http.tag.conditional.PwmIfTag" %>
 <%@ page import="password.pwm.http.tag.conditional.PwmIfTest" %>
 
+<% JspUtility.setFlag(pageContext, PwmRequestFlag.INCLUDE_IAS_CSS); %>
+
 <!DOCTYPE html>
 <%@ page language="java" session="true" isThreadSafe="true" contentType="text/html" %>
 <%@ taglib uri="pwm" prefix="pwm" %>
@@ -34,6 +36,16 @@
         <jsp:param name="pwm.PageName" value="Title_Login"/>
     </jsp:include>
     <div id="centerbody">
+        <noscript>
+            <div class="ias-status-message">
+                <div class="ias-status-message-title">
+                    <i class="ias-icon ias-icon-status_warn_thick ias-warn"></i>
+                    <span><pwm:display key="Display_WarnJavaScriptNotEnabledTitle" displayIfMissing="true"/></span>
+                </div>
+                <p><pwm:display key="Display_WarnJavaScriptNotEnabledMessage" displayIfMissing="true"/></p>
+            </div>
+        </noscript>
+
         <h1 id="page-content-title"><pwm:display key="Title_Login" displayIfMissing="true"/></h1>
         <p>
             <span class="panel-login-display-message"><pwm:display key="Display_Login"/></span>