KasmVNC
HTTP header name matches should be case insensitive.
Describe the bug
The HTTP specification (https://www.rfc-editor.org/rfc/rfc7230#section-3.2) says:
Each header field consists of a case-insensitive field name followed by a colon (":"), optional leading whitespace, the field value, and optional trailing whitespace.
The web socket code does not perform case-insensitive matches and expects headers to have a capitalised first character. E.g.:
start = strstr(handshake, "\r\nHost: ");
if (!start) { err("missing Host header"); return 0; }
Source: https://github.com/kasmtech/KasmVNC/blob/5ea11df3c02343f44533f7a44be3b97b9b9471fb/common/network/websocket.c#L647C1-L648C58
This will fail the check and raise an error if a browser or proxy passes or modifies headers such that they are passed in lower case.
KasmVNC Details
Using kasmweb/alpine-320-desktop:1.16.1 from Docker Hub.
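One way to do the lookup the RFC text above calls for, as an added example that is not KasmVNC's code: `find_header_value` is a hypothetical helper and `SAMPLE` is a constructed request. It assumes a NUL-terminated buffer and POSIX `strncasecmp`, matches the field name only at the start of a header line, and stops at the blank line that ends the header block.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>   /* strncasecmp (POSIX) */

/* Constructed sample: lower-case field names, as a proxy may forward them. */
static const char SAMPLE[] =
    "GET /websockify HTTP/1.1\r\n"
    "x-note: Host: decoy\r\n"
    "host:  vnc.example.test:6901 \r\n"
    "upgrade: websocket\r\n"
    "\r\n";

/* Hypothetical helper: returns a pointer to the value of header `name`
 * (length in *len, optional whitespace trimmed), or NULL if it is absent. */
static const char *find_header_value(const char *req, const char *name, size_t *len)
{
    size_t nlen = strlen(name);
    const char *line = strstr(req, "\r\n");      /* end of the request line */

    while (line) {
        line += 2;                                /* start of a header line */
        if (line[0] == '\r' && line[1] == '\n')
            return NULL;                          /* blank line: headers are over */
        const char *eol = strstr(line, "\r\n");
        if (!eol)
            return NULL;                          /* truncated header block */
        /* Name must be followed directly by ':'; compare ignoring case. */
        if ((size_t)(eol - line) > nlen && line[nlen] == ':' &&
            strncasecmp(line, name, nlen) == 0) {
            const char *v = line + nlen + 1, *e = eol;
            while (v < e && (*v == ' ' || *v == '\t')) v++;        /* leading OWS */
            while (e > v && (e[-1] == ' ' || e[-1] == '\t')) e--;  /* trailing OWS */
            *len = (size_t)(e - v);
            return v;
        }
        line = eol;
    }
    return NULL;
}

int main(void)
{
    size_t n;
    const char *v = find_header_value(SAMPLE, "Host", &n);
    if (!v) { puts("missing Host header"); return 1; }
    printf("Host = %.*s\n", (int)n, v);
    return 0;
}
```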