Don’t know. I’ve never needed it for anything other than CRA.
I am really tired of being logged out. 
I don’t use a Tab Reloader, but simply use F5 to refresh my screen every 5 mins or so. However, with these last changes by CRA, I find that if I hit F5 only once, the page becomes a white screen. I now have to push F5 twice to fully refresh the page to return it to the login menu. I’m guessing that the Tab Reloaders only refresh once in the time period, thus the page gets timed out. Perhaps increasing the Tab Reloader refresh time to a shorter period, like 1 or two minutes between refreshes will help? Just a thought.
Good point. Will give that a try.
Don’t try it on a screen where taxpayer info is displayed in a table…(eg payment history); you’ll get booted back to the Choose Your Adventure screen and have to (almost) start over.
I sent in a note to Steve Watson at the Efile Association of Canada and asked if he had any avenue of complaint about this…waiting for a response. This has ALL the hallmarks of a “game” by programmers just to cause irritation.
2 Likes
5 minutes seems to work. Bounces around between the “Welcome” page, the “Access client information” page and the “beta or blank” page.
Doesn’t work for me - I’ve always had Tab Reloader set for 5 min. Used to work. Now it just causes it to go to that blank white page until I hit F5 again.
Have it refresh the blank white page as well on the same 5 minute interval.
Who knows this?
Can the newcomer use Efile, or has to be paper-filed?
Thanks,
Laura
How do you get TabReloader to distinguish whether the page is blank or not? I haven’t found that in the settings.
Just have the url of the blank page listed as one you refresh I imagine.
My refresher is refreshing it as well as the other two pages.
The URL of the blank page is the same as the RAC page we’re trying to keep open: https://apps4.ams-sga.cra-arc.gc.ca/
That is, the URL doesn’t change…does it? Even if it did, how would you specify that in the settings:
I really don’t know what to add. I don’t play with the settings too much. Maybe try a different refresher.
The url of my blank page has a different ending.
It is still not ideal and I hope we go back to normal at some point.
Ok, I figured it out. I had to uncheck the “Do not reload tab if offline”
I thought “offline” meant “no connection to the internet from this computer”. Apparently not.
Works for me now. URL doesn’t matter.
1 Like
This has been done deliberately to limit site usage. Almost all of the browser based “keep alive” or “tab re-loader” plugins simply refresh a webpage at certain intervals selected by the user in order to trick the server into thinking there is still client activity on their site. What the CRA has done to circumvent this is basically disable “page refresh” (even manual refresh) from working on their My Account or Represent a Client website. I think if you are logged into Represent a Client you pretty much need to do a double refresh to get back from the white screen that a single refresh takes you to.
In order to get around these added measures you need to find or insert code that keeps the session alive without refreshing or reloading the page. Lets say code that mimics a keyboard stroke or mouse click or possibly some type of client side javascript AJAX request that would send random requests, tricking the server into thinking the session is still active without reloading the page.
I don’t really need to have the CRA website open all day long, but what I find the biggest pain to be is having to log into the CRA in order to use AFR. I found that if I logged into the CRA and sat at the front gate (using a tab reloader) then I could AFR at will without having to enter credentials each time.
2 Likes
That is absolutely correct…it also appears to “hold” ANY page (so far at least in my limited testing…) that does NOT have a “form” on it. Anything where the form refreshes info from the server…kablooey! This is why the Choose Your Adventure page stays working OK on a refresh.
PLEASE PLEASE PLEASE everyone…complain to one or more of:
- your Professional Organization
- your MP (not that they give a *&^^$)
- CRA through a Service Complaint
- the EFILE Association of Canada etc.
If they get enough “noise” maybe they’ll understand that we don’t want to log in 25 times a day…
1 Like
I don’t think complaining is going to help. Even if every accountant in Canada complained to CRA about this, it wouldn’t make a difference. The fact is that if we (accountants) can keep our connection open longer than we should, other malicious actors will be able to exploit that ability, too. There is no way for CRA to devise a system that can determine whether the user is a law-abiding citizen, nor whether a legitimate user’s connection has been hijacked by bots or rootkits or keyloggers, etc. The only thing they can do is limit the exposure to their internal systems by limiting a user’s connection time.
(unless there is some new technology (like AI?) that could do it - I got out of computer tech support about 20 years ago, but I haven’t seen any such systems with that capability)
To this I completely disagree - there is already a substantial, effective and proven method of limiting bad actor access to resources: It’s called a VPN, secured by a hardware token. CRA already uses exactly this for the staff. I use it for access to remote servers (clients’ and my own).
Limiting sessions to 5-10 minutes is pointless - and I’m willing to bet that they know it. Once a bad actor has access…guess what…they have access. A short session limit isn’t going to stop that. What stops it is good security hygiene at both ends, and their timeouts just aren’t the answer.
Most of their problems came about by their OWN bad practices…not OURS in that they allowed people to file slips and then processed them…and THEN on top of that allowed bad actors to Netfile undocumented returns which CRA processed. None of that has anything to do with us.
1 Like
A VPN only secures the communication channel from end to end. The problem is they can’t guarantee what human is on the other end. Or if it even is a human.
I agree, the security breaches in the last few years have mostly been due to people or processes internal to CRA - that has been the weakest point in their security. But, I I don’t think that’s going to be a good enough reason for them to loosen security protocols for the rest of us.
To be clear, I’d be happy if they did - it would make our lives easier. I just don’t think they will.
To add to this – have now tested this on the “Choose your Adventure” screen…has been sitting happily reloading there for hours. Good for AFR retrievals I guess. But makes NO security sense as between there…and ANY other location on RAC. Bizarre.