From 91bb0eefa57a5046c0e6a0c9250f1935e553beec Mon Sep 17 00:00:00 2001
From: Micah Lee
Date: Mon, 22 May 2017 14:58:23 -0700
Subject: [PATCH] Remove version string from http response headers, to avoid any information disclosure about the sender's server
---
 onionshare/web.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/onionshare/web.py b/onionshare/web.py
index 68b7fcb2..04cf4d1d 100644
--- a/onionshare/web.py
+++ b/onionshare/web.py
@@ -54,7 +54,7 @@ security_headers = [
 ('X-Xss-Protection', '1; mode=block'),
 ('X-Content-Type-Options', 'nosniff'),
 ('Referrer-Policy', 'no-referrer'),
- ('Server', strings._('version_string').format(common.get_version()))
+ ('Server', 'OnionShare')
 ]

 def set_file_info(filenames, processed_size_callback=None):
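Review bot: The new `('Server', 'OnionShare')` entry in `security_headers` has no comment explaining why the value is a fixed string, so a later edit could put the version back without anyone noticing the disclosure concern. I would add above it `# Static on purpose: never include the version or platform in the Server header`. How this list is applied to responses is outside the hunk; if the entries are appended rather than set, the underlying HTTP server's own `Server` banner may still be sent alongside this one. A test asserting that the response carries exactly one `Server` header equal to `OnionShare` would confirm this and guard against regression. The `security_headers` list starts before the hunk.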