From d8a0719731fe5a6704fc82c2607bdc2dc6a81c0a Mon Sep 17 00:00:00 2001
From: bashrc <bob@libreserver.org>
Date: Sun, 5 Apr 2026 17:31:25 +0100
Subject: [PATCH] Check upper and lower case cookies

---
 httpheaders.py | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/httpheaders.py b/httpheaders.py
index 0a3b68a19..6c0bd4ca7 100644
--- a/httpheaders.py
+++ b/httpheaders.py
@@ -282,10 +282,14 @@ def contains_suspicious_headers(headers: {}) -> bool:
         return True
 
     # check for bad cookies
-    if 'Cookie:' in headers_str:
-        cookie_str = headers_str.split('Cookie:')[1]
-        if '=' in cookie_str:
-            cookie_name = cookie_str.split('=')[0].strip()
-            if cookie_name != 'epicyon':
-                return True
+    cookie_fields = ('Cookie:', 'cookie:')
+    for cookie_fieldname in cookie_fields:
+        if cookie_fieldname not in headers_str:
+            continue
+        cookie_str = headers_str.split(cookie_fieldname)[1]
+        if '=' not in cookie_str:
+            continue
+        cookie_name = cookie_str.split('=')[0].strip()
+        if cookie_name != 'epicyon':
+            return True
     return False