Case insensitive matching of access-control-request-headers

[tuxpiper]

Hi,

please consider pulling this change. We had problems with Safari not getting any CORS headers at all from our app. It turns out that corser wasn't matching the capitalized header names provided by the browser (i.e. "Accept" instead of "accept")

[mwawrusch]

Ha, you beat me to that one :-)

[agrueneberg]

Nice catch! Just pushed version 1.1.2 to npm. Thanks!