Is there any config to prevent tornado server to not send the version?
Jupyterlab details
$ jupyter --version
jupyter core : 4.7.1
jupyter-notebook : 6.4.3
qtconsole : not installed
ipython : 7.26.0
ipykernel : 6.1.0
jupyter client : 6.1.12
jupyter lab : 3.1.6
nbconvert : 6.1.0
ipywidgets : not installed
nbformat : 5.4.0
traitlets : 5.2.2
Who do you want to hide the header from?
You could put a proxy such as Nginx in front of your application, which will allow you to add/hide/modify any headers you want.
Thanks @manics , this issue showed up in our security evaluation. Yes, before i explored the nginx proxy route, wanted to know if there is a config knob in jupyterlab itself to accomplish this.
I think that you can achieve that creating a custom jupyter-server extension and adding appropriate add_transform method as discussed in web: Remove version from server header · Issue #2935 · tornadoweb/tornado · GitHub. In worst case scenario you would need to monkey patch the server class but I don’t think that would be needed.