diff --git a/flask_cors/core.py b/flask_cors/core.py
index 09150ea..0ef2b1e 100644
--- a/flask_cors/core.py
+++ b/flask_cors/core.py
@@ -270,7 +270,10 @@ def try_match(request_origin, maybe_regex):
 elif probably_regex(maybe_regex):
 return re.match(maybe_regex, request_origin, flags=re.IGNORECASE)
 else:
- return request_origin == maybe_regex
+ try:
+ return request_origin.lower() == maybe_regex.lower()
+ except AttributeError:
+ return request_origin == maybe_regex


 def get_cors_options(appInstance, *dicts):
diff --git a/tests/decorator/test_allow_headers.py b/tests/decorator/test_allow_headers.py
index 8e08396..6ad3a00 100644
--- a/tests/decorator/test_allow_headers.py
+++ b/tests/decorator/test_allow_headers.py
@@ -58,6 +58,18 @@ def test_allow_headers_with_request_headers(self):
 self.assertEqual(resp.headers.get(ACL_ALLOW_HEADERS),
 'X-Example-Header-A')

+ def test_allow_headers_with_request_headers_case_insensitive(self):
+ '''
+ HTTP headers are case insensitive. We should respect that
+ and match regardless of case, returning the casing sent by
+ the client
+ '''
+ resp = self.preflight('/test_allow_headers',
+ origin='www.example.com',
+ cors_request_headers=['X-Example-header-a'])
+ self.assertEqual(resp.headers.get(ACL_ALLOW_HEADERS),
+ 'X-Example-header-a')
+
 def test_allow_headers_with_unmatched_request_headers(self):
 '''
 If every element in the Access-Control-Request-Headers is not an
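Review bot: In the `else` branch of `try_match`, the `except AttributeError` fallback silently reverts to case-sensitive `==` whenever either operand lacks `.lower()`, and nothing says which non-string values are expected to reach it. Because this comparison decides whether a request value is on the CORS allowlist, I would make the condition explicit, e.g. `if isinstance(request_origin, str) and isinstance(maybe_regex, str): return request_origin.lower() == maybe_regex.lower()` followed by the existing `return request_origin == maybe_regex`, using whichever string-type check the module already relies on. A short comment such as `# Origin scheme/host and header names are case-insensitive; other types compare exactly` would record why the match was widened. The start of `try_match` is outside the hunk, so an earlier branch may already handle compiled patterns.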
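Review bot: The new test exercises only the request-header path, while the `core.py` change in this commit also alters exact-string matching for anything else routed through `try_match`, which by its `request_origin` parameter presumably includes the Origin allowlist. A companion test that sends a mixed-case `Origin` against a configured origin, plus one asserting that an origin differing by more than case is still refused, would pin the widened behaviour on the security-relevant path. The docstring could also be more precise: `HTTP header field names are case-insensitive; match regardless of case and echo the casing the client sent.`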