How to Fix the 3CX Phonebook to Work Properly With Cisco 79XX IP Phones

I figured this out myself through trial and error and I wanted to post this here to hopefully help someone else out who runs these old phones in a homelab like me.

On the support page for the Cisco 79xx series of phones, 3CX says that the Company Phonebook is not supported. This is true, but the fix for it is very easy. After much playing around, when I set the directory_url in the phone’s TFTP config to a different web server with a copy of the phonebook XML file and compared the HTTP requests, I finally spotted the issue. Watching the telnet console as I pressed the Directory button and selected the External Directory option on the phone, I found out that the headers that 3CX sends back are too long for the Cisco 7960 (in my case) to deal with and the headers leak through into what should only be the XML payload.

This is from the telnet console that 3CX can provide you (if enabled via the TFTP config file) to your 79XX phone with debug http enabled. Note the portion of the header underlined in red which should NOT be inside the data portion of the request response…

The probably not ideal but “works for me” fix I implemented was to edit the shared-headers.conf file located in /var/lib/3cxpbx/Bin/nginx/conf.In that file I simply deleted the last add_header statement that sets the Strict-Transport-Security flag. With that removed, the headers sent by nginx are short enough and do not leak into the payload data. The phone sees valid XML and it parses the contacts just fine. This is obviously a problem on the phone firmware side, but considering how old these phones are and that nobody would ever support or make fixes for them, this is about as good as you are gonna get.

I have not done extensive testing on what completely removing the Strict Transport Security header would possibly affect or break, so do this fix at your own risk. Especially if your 3CX instance is public facing.