From a2a9a57fdd753654b1bf40a4bf7cfed0e80b3f31 Mon Sep 17 00:00:00 2001
From: Jaydn <gitlab@jaydn.net>
Date: Tue, 3 Sep 2024 10:44:32 +0930
Subject: [PATCH] Lowercase string when comparing HTTP header for debug output

HTTP/2 requests to Davical with debug mode result in logged
Authorization header as the comparison is currently case sensitive

https://datatracker.ietf.org/doc/rfc9113/
> 8.2.  HTTP Fields
> Field names MUST be converted to lowercase when constructing an HTTP/2
message.
---
 htdocs/caldav.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/caldav.php b/htdocs/caldav.php
index 5733d5cc..749eeeb9 100644
--- a/htdocs/caldav.php
+++ b/htdocs/caldav.php
@@ -28,7 +28,7 @@ function logRequestHeaders() {
   dbg_error_log( "LOG ", "***************** Request Header ****************" );
   dbg_error_log( "LOG ", "%s %s", $_SERVER['REQUEST_METHOD'], $_SERVER['REQUEST_URI'] );
   foreach( $lines AS $k => $v ) {
-    if ( $k != 'Authorization' || (isset($c->dbg['password']) && $c->dbg['password'] ) )
+    if ( strtolower($k) != 'authorization' || (isset($c->dbg['password']) && $c->dbg['password'] ) )
       dbg_error_log( "LOG headers", "-->%s: %s", $k, $v );
     else
       dbg_error_log( "LOG headers", "-->%s: %s", $k, 'Delicious tasty password eaten by debugging monster!' );