Header names are case insensitive

Move header checks to web_site

lib/wpscan/web_site.rb

@@ -1,9 +1,11 @@
 # encoding: UTF-8
 
 require 'web_site/robots_txt'
+require 'web_site/interesting_headers'
 
 class WebSite
   include WebSite::RobotsTxt
+  include WebSite::InterestingHeaders
 
   attr_reader :uri
 

lib/wpscan/web_site/interesting_headers.rb

@@ -1,6 +1,6 @@
 # encoding: UTF-8
 
-class WpTarget < WebSite
+class WebSite
   module InterestingHeaders
 
     # Checks for interesting headers
@@ -8,10 +8,15 @@ class WpTarget < WebSite
     def interesting_headers
       response = Browser.head(@uri.to_s)
       headers = response.headers
-      InterestingHeaders.known_headers.each do |h|
-          headers.delete(h)
+      # Header Names are case insensitve so convert them to upcase
+      headers_uppercase = headers.inject({}) do |hash, keys|
+        hash[keys[0].upcase] = keys[1]
+        hash
       end
-      headers.to_a.compact.sort
+      InterestingHeaders.known_headers.each do |h|
+        headers_uppercase.delete(h.upcase)
+      end
+      headers_uppercase.to_a.compact.sort
     end
 
     protected
@@ -25,7 +30,6 @@ class WpTarget < WebSite
         Content-Length
         Connection
         Etag
-        ETag
         Expires
         Last-Modified
         Pragma

lib/wpscan/wp_target.rb

@@ -6,7 +6,6 @@ require 'wp_target/wp_readme'
 require 'wp_target/wp_registrable'
 require 'wp_target/wp_config_backup'
 require 'wp_target/wp_login_protection'
-require 'wp_target/interesting_headers'
 require 'wp_target/wp_custom_directories'
 require 'wp_target/wp_full_path_disclosure'
 
@@ -16,7 +15,6 @@ class WpTarget < WebSite
   include WpTarget::WpRegistrable
   include WpTarget::WpConfigBackup
   include WpTarget::WpLoginProtection
-  include WpTarget::InterestingHeaders
   include WpTarget::WpCustomDirectories
   include WpTarget::WpFullPathDisclosure