Response Headers Set to lowercase in https

I am trying to set CORS headers in server responses and it works on http where I get

Access-Control-Allow-Origin

this is recognized by the browser correctly.

On https I get

access-control-allow-origin

the browser does not recognize this and blocks the response. Anyone know how to fix this?

Just to let you know, CORS doesn’t work on our hosting due to a security system we use. You can read more about that here: https://infinityfree.net/support/javascript-error-using-api-or-mobile-android-app/