diff --git a/BTCPayServer/Security/APIKeys/APIKeyAuthenticationHandler.cs b/BTCPayServer/Security/APIKeys/APIKeyAuthenticationHandler.cs
index 1ef14a1f3..bfb9b4c7e 100644
--- a/BTCPayServer/Security/APIKeys/APIKeyAuthenticationHandler.cs
+++ b/BTCPayServer/Security/APIKeys/APIKeyAuthenticationHandler.cs
@@ -74,7 +74,7 @@ namespace BTCPayServer.Security.APIKeys
         {
             string authHeader = Context.Request.Headers["Authorization"];
 
-            if (authHeader == null || !authHeader.StartsWith("Basic ")) return AuthenticateResult.NoResult();
+            if (authHeader == null || !authHeader.StartsWith("Basic ", StringComparison.OrdinalIgnoreCase)) return AuthenticateResult.NoResult();
             var encodedUsernamePassword = authHeader.Split(' ', 2, StringSplitOptions.RemoveEmptyEntries)[1]?.Trim();
             var decodedUsernamePassword =
                 Encoding.UTF8.GetString(Convert.FromBase64String(encodedUsernamePassword)).Split(':');
diff --git a/BTCPayServer/Views/PaymentRequest/EditPaymentRequest.cshtml b/BTCPayServer/Views/PaymentRequest/EditPaymentRequest.cshtml
index 436f40902..1c7895e52 100644
--- a/BTCPayServer/Views/PaymentRequest/EditPaymentRequest.cshtml
+++ b/BTCPayServer/Views/PaymentRequest/EditPaymentRequest.cshtml
@@ -61,7 +61,7 @@
                     </div>
                     <div class="form-group">
                         <label asp-for="Email" class="control-label"></label>
-                        <input type="email" asp-for="Email" class="form-control"></input>
+                        <input type="email" asp-for="Email" class="form-control" />
                         <span asp-validation-for="Email" class="text-danger"></span>
                     </div>
                     <div class="form-group">