Use case-insensitive comparison when comparing JIDs.

remoting/host/access_verifier.cc

Index: remoting/host/access_verifier.cc
diff --git a/remoting/host/access_verifier.cc b/remoting/host/access_verifier.cc
index 62718162c7f315a9d7c623d870a3f755bddf0958..9e37da37c1143fbe54c88d8df33b69d9a24802ec 100644
--- a/remoting/host/access_verifier.cc
+++ b/remoting/host/access_verifier.cc
@@ -34,9 +34,18 @@ bool AccessVerifier::VerifyPermissions(
     const std::string& client_jid,
     const std::string& encoded_access_token) {
   CHECK(initialized_);
+
+  // Reject incoming connection if the client's jid is not an ASCII string.
+  if (!IsStringASCII(client_jid)) {
+    LOG(ERROR) << "Rejecting incoming connection from " << client_jid;
+    return false;
+  }
+
   // Check that the client has the same bare jid as the host, i.e.
-  // client's full jid starts with host's bare jid.
-  if (!StartsWithASCII(client_jid, host_jid_prefix_, true)) {
+  // client's full JID starts with host's bare jid. Comparison is case
+  // insensitive.
+  if (!StartsWithASCII(client_jid, host_jid_prefix_, false)) {
+    LOG(ERROR) << "Rejecting incoming connection from " << client_jid;
     return false;
   }