diff --git a/canarytokens/tokens.py b/canarytokens/tokens.py
index 22777037c..69bd87fc9 100644
--- a/canarytokens/tokens.py
+++ b/canarytokens/tokens.py
@@ -272,10 +272,10 @@ def correct_base32_padding(b32_data):
             return b32_data
 
         if file_name and file_name != "f":
-            b32_data = correct_base32_padding(file_name[0:])
+            b32_data = correct_base32_padding(file_name[0:].upper())
             data["windows_fake_fs_file_name"] = base64.b32decode(b32_data).decode()
         if process_name and process_name != "i":
-            b32_data = correct_base32_padding(process_name[0:])
+            b32_data = correct_base32_padding(process_name[0:].upper())
             data["windows_fake_fs_process_name"] = base64.b32decode(b32_data).decode()
 
         return {"src_data": data}
@@ -570,8 +570,8 @@ def _get_info_for_webdav(request: Request):
         hit_time = datetime.utcnow().strftime("%s.%f")
         hit_info = {
             "additional_info": WebDavAdditionalInfo(
-                 file_path=request.getHeader("X-Alert-Path"),
-                 useragent=http_general_info["useragent"],
+                file_path=request.getHeader("X-Alert-Path"),
+                useragent=http_general_info["useragent"],
             ),
             "geo_info": queries.get_geoinfo(ip=client_ip),
             "input_channel": INPUT_CHANNEL_HTTP,
diff --git a/tests/units/test_tokens.py b/tests/units/test_tokens.py
index ec5f8f86b..e463058b4 100644
--- a/tests/units/test_tokens.py
+++ b/tests/units/test_tokens.py
@@ -99,6 +99,13 @@ def test_cmd_process_pattern(
             "doc b.docx",
             "explorer.exe",
         ),
+        (
+            # ensure lowercase also works
+            "u7595.fmrxwgidcfzsg6y3y.imv4ha3dpojsxeltfpbsq.someid.sometoken.com",
+            "7595",
+            "doc b.docx",
+            "explorer.exe",
+        ),
         (
             "u7595.f.iMV4HA3DPOJSXELTFPBSQ.someid.sometoken.com",
             "7595",