From a61e4521564399df5b053aec4b9c1f2eeba7e6a8 Mon Sep 17 00:00:00 2001
From: Jerry Kindall <52084730+Jerry-AWS@users.noreply.github.com>
Date: Wed, 24 Aug 2022 10:44:48 -0700
Subject: [PATCH] correct casing of x-hub-signature headers

The header as it is sent is `x-hub-signature` not `X-Hub-Signature`. Casing won't matter if you're getting the header from an environment variable under Apache, as in the Ruby example here (Apache uppercases it and swaps in underscores for hyphens), but in other frameworks you'll need the correct casing to get the header out of a hash/dict. (e.g. AWS Lambda function URL, the headers come as part of a JSON object and you need the correct casing)
---
 .../webhooks-and-events/webhooks/securing-your-webhooks.md    | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/content/developers/webhooks-and-events/webhooks/securing-your-webhooks.md b/content/developers/webhooks-and-events/webhooks/securing-your-webhooks.md
index df2281c42d..4bfb12f6f5 100644
--- a/content/developers/webhooks-and-events/webhooks/securing-your-webhooks.md
+++ b/content/developers/webhooks-and-events/webhooks/securing-your-webhooks.md
@@ -37,12 +37,12 @@ $ export SECRET_TOKEN=<em>your_token</em>
 
 ## Validating payloads from GitHub
 
-When your secret token is set, {% data variables.product.product_name %} uses it to create a hash signature with each payload. This hash signature is included with the headers of each request as `X-Hub-Signature-256`.
+When your secret token is set, {% data variables.product.product_name %} uses it to create a hash signature with each payload. This hash signature is included with the headers of each request as `x-hub-signature-256`.
 
 {% ifversion fpt or ghes or ghec %}
 {% note %}
 
-**Note:** For backward-compatibility, we also include the `X-Hub-Signature` header that is generated using the SHA-1 hash function. If possible, we recommend that you use the `X-Hub-Signature-256` header for improved security. The example below demonstrates using the `X-Hub-Signature-256` header.
+**Note:** For backward-compatibility, we also include the `x-hub-signature` header that is generated using the SHA-1 hash function. If possible, we recommend that you use the `x-hub-signature-256` header for improved security. The example below demonstrates using the `x-hub-signature-256` header.
 
 {% endnote %}
 {% endif %}