The method I have used is as follows.
<head>
<style>
.noscript-error {
background-image: url(noscript.php)
}
</style>
<style>
@import url(chrome://noscript/skin/browser.css);
</style>
</head>
<body>
<div class="noscript-error">If noscript is NOT installed (and enabled) then Firefox will make a request for noscript.php.
</div>
</body>
It's pretty self-explanatory. This can confirm if NoScript is not in use. You'll just need to do whatever you choose in noscript.php to set something in the session that says NoScript is disabled.
NOTE: In other browsers noscript.php
will always be called, this isn't an issue becaue even if another browser is used and calls noscript.php, it won't be using NoScript as it is for Firefox only.
You can do your own magic to avoid this call if you want, but worst edge-case where a user-agent is being spoofed you'll still have an accurate indicator of whether or not NoScript is being used.
More info here
Also if you just want to know server-side whether or not JavaScript is enabled you can use
<noscript>
<img src="noJS.php" alt="JavaScript is disabled" />
</noscript>
In noJS.php
you can write a PHP script to render a single transparent pixel (PNG or GIF) and within that script set a session variable, or store the information.