Trusted Push Server List (TPSLIST)

Trusted Push Server List (TPSLIST)

Depending upon the TPSLIST setting in the script file, the Push Message is either accepted for additional processing or denied.

An administrator can set the security level using the following domain-based security values for the TPSLIST parameter in the 46xxsettings.txt script file.


System Value Name	Application Software Default	Usage (Value Range; References)
TPSLIST	“” (Null)	List of Trusted Push Servers. Contains zero or more domain/path strings, separated by commas without any intervening spaces. Up to 255 ASCII characters, including commas are allowed.

Specifically, the List of Trusted Push Servers contains one or more domains and paths in a DNS format or an IP Address in dotted-decimal format, separated by commas.

The administrator sets the TPSLIST values in the 46xxsettings.txt script file on the HTTP server. See the Avaya one-X Deskphone Edition for 9600 Series IP Telephones Administrator Guide on the http://www.avaya.com/support Web site for more details.
If the value of TPSLIST is null, Push Messages cannot be received and the Push interface is disabled.
If the value of TPSLIST contains only a forward slash character (/), then all Push Messages are accepted, meaning any Push server is considered a Trusted Push Server.
Wild cards such as asterisks are not allowed for URL strings in the TPSLIST.

If the pushed URI string (the value of the Push Request’s href attribute in the <go> tag does not begin with the proper HTTP schema, http://, the URI string is rejected and the response back to the Push Initiator contains the following parameters:


Parameter	Status Code	Reason Phrase
HTTP Status Code	403	“Forbidden”
x-Push-Status	402	“Push security failure”

To validate a particular pushed URI string, a string-based comparison is done against the values of the TPSLIST administered in the 46xxsettings.txt script file.