Open mdowens opened 5 years ago
mdowens
commented
4 years ago Dear MISP Community, could you please give me any indication if/when these Accessibility issues would be addressed in a future MISP release? We have a legal obligation to ensure that all our staff have equal access to the MISP application. Thanks, Mike
iglocska
commented
4 years ago Hello @mdowens - thanks for all the work you've put into finding these issues. Would you have any guidance for us how we can easily test for these issues / guidance on the required fixes by any chance?
mdowens
commented
4 years ago Hi Andras, apologies for the delayed response but my organization needed to setup the best way to assist with future accessibility testing of MISP.
The standards we are looking to test against are European Standard ‘EN 301 549 Accessibility requirements suitable for public procurement of ICT products and services in Europe’ (which includes extending the Web Content Accessibility Guidelines 2.0, success criterion AA (WCAG v2 AA) to non-web systems) as a minimum accessibility standard.
My UK government organisation tests against assistive technologies and with users of assistive technologies including Dragon, JAWS, Lunar, Supernova, Zoomtext, and ideally, Read and Write Gold.
In terms of general test guidance:
• Is it possible to navigate completely throughout the product or service using only the keyboard? • Does the product or service allow for user selectable colours for all product components including text and background? • Does the product or service allow for user selectable fonts and font sizes? • Where graphics are used to convey information (eg. an image, a flowchart), have alternative means of conveying that information to visually impaired users been provided? • Does the product or service provide, in all circumstances, a visual focus indicator that tracks the input focus? • Where pop up boxes are used (eg. for error messages and system information), do they always take focus? • Does each window have a proper and unique identifier? • Are all controls, graphics and buttons properly and uniquely labelled? • Is every link on every page properly and uniquely identified? • Does the product or service have a complete logical tab order? • Have techniques to simplify or expedite use been provided in all appropriate places eg have all appropriate shortcut keys (such as Alt and H, Ctrl and Z) been provided? • Does the product or service have a common look and feel throughout? • Is navigation through the product or service simple, intuitive and complete? • Do all supporting materials for the product or service (eg error messages, system help, user guides, CBT) conform to the standards above?
If the MISP development team address the issues that have been raised and can logically test they comply with the bullets above, I would suggest the best approach is to consolidate those changes into a release and advise my organisation that the release is available. We can then look to install the release on a clone environment and trial using assistive technologies, providing feedback as appropriate to the MISP Community.
iglocska
commented
4 years ago Makes sense, we'll try to keep them in mind. We have a UI refactor in progress and we want to ensure that we have the proper helpers in place to have more consistency with aria labels, correctly making all buttons / functionalities tab-accessible, but it will definitely take time.
Just our of curiosity, something we're a bit stumped on: How do you normally deal with graphing capabilities?
mdowens
commented
4 years ago Thanks Andras. Good question about Graphing display, I will raise this with our Accessibility Testing Team. Regards, Mike
Dear MISP Community, My organization has carried out an "Accessibility Test" with MISP and found the following issues. We have adopted MISP and we have an obligation to ensure that it can be used by all employees. Thanks in advance for your help resolving these issues. Regards, Mike
1) Event Actions, List Events, enter Filter criteria then click on Filter. JAWS Reader issue - Results table does not have header or unique name location = /events/index/searchall:xyz/sort:published sort:Org sort:owner etc
2) Create Event JAWS Reader issue - cannot navigate through Add Event Date picker because dates are not announced JAWS Reader issue - Distribution Box reads "blank" before name of the Distribution location = id="EventAddForm" input id="EventDate" select id="EventDistribution"
3) View Event, Event form JAWS Reader issue - panel headings "-Pivots -Galaxy -Event graph -ATT&CK matrix -Attributes -Discussion" cannot be selected, need to be buttons location = button id="pivots_toggle" button id="galaxies_toggle"
4) View Event, Event form JAWS Reader issue - Event ID is not labelled / read out location = class=meta_table_key data-original-title
5) View Event, Event form, IOC Table JAWS Reader issue - IOC Table, Scope toggle headings "All, File, Network, Financial, Proposal, Correlation etc" need to be uniquely named, they are not read out location = Event form, id="attributeList" id="simple filter"
6) Event Actions, Search Attribute Read & Write Gold issue - Need to announce "Attributes" in the heading of the Search Attributes form. Currently announcing background wording location = form id="AttributeSearchForm"
7) Event Actions, Search Attributes ZoomText issue - Needs clearer "Search" button at end of each line, must search on the form for the Search button location = form id="AttributeSearchForm"
8) Event Actions, Attributes form Read & Write Gold issue - Currently announcing background wording at end of first entry line location = /attributes/search/results class="attributes index"
If you would like to report a bug, please fill the template bellow
Work environment
Expected behavior
Actual behavior
Steps to reproduce the behavior
Logs, screenshots, configuration dump, ...