I have a Nginx websocket reverse proxy and I would like to hide a HTTP header from the client request.

proxy_hide_header hides the server response headers and can't be used for hiding client request headers.

I would like to do that because the websocket server behind nginx doesn't work well with the websocket extension "permessage-deflate" so I would like to remove the Sec-WebSocket-Extensions header from client requests.

You can set a header value to void and Nginx will drop it :

proxy_set_header       Sec-WebSocket-Extensions "";

The official documentation explains the correct way to remove a client request header:

If the value of a header field is an empty string then this field will not be passed to a proxied server:

proxy_set_header Accept-Encoding "";

In case that wasn't clear, this is more than just a workaround to mask the value; the entire header will be dropped.