Function create_secure_redirect_policy 

pub fn create_secure_redirect_policy() -> Policy

Creates a secure redirect policy that only allows HTTP to HTTPS upgrades on the same host.

This policy prevents SSRF attacks via redirect chains while still allowing legitimate protocol upgrades (e.g., when a user configures http:// but the server redirects to https://).

Security Guarantees

  • Single redirect only: Prevents redirect chains that could be used to bypass security
  • Same host required: The redirect target must have the exact same host as the original request
  • Protocol upgrade only: Only allows http → https, blocks all other redirects
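The three rules above are simple to state but easy to get subtly wrong, so here is an added, std-only model of the decision the policy has to make for each redirect. This is illustration code written for this page, not the crate's implementation of create_secure_redirect_policy, and it does not use the client's real Policy type (assumed to be a reqwest-style redirect::Policy) so that it runs without external crates. The URL parser is deliberately minimal (assumption: absolute URLs; the port is ignored when comparing hosts, and userinfo before @ is discarded so that https://example.com@evil.com is correctly seen as a different host). previous[0] is the original request URL, as in reqwest's Attempt::previous().

```rust
// Added example: a std-only model of "HTTP -> HTTPS, same host, at most once".
// Not the crate's code; the HTTP client's Policy type is intentionally not used.

#[derive(Debug, PartialEq, Eq)]
pub enum Decision {
    Follow,
    Stop,
}

/// The only URL components the policy needs (assumption: absolute URLs only).
#[derive(Debug, PartialEq, Eq)]
pub struct UrlParts {
    pub scheme: String,
    pub host: String,
}

/// Extract scheme and host. Userinfo ("user:pass@") and the port are discarded;
/// bracketed IPv6 literals keep their inner colons. Returns None on anything odd,
/// and the caller treats None as "do not follow".
pub fn parse_url(url: &str) -> Option<UrlParts> {
    let (scheme, rest) = url.split_once("://")?;
    // authority ends at the first path, query or fragment delimiter
    let authority = rest
        .split(|c| c == '/' || c == '?' || c == '#')
        .next()
        .unwrap_or("");
    // everything up to the last '@' is userinfo and must not influence the host check
    let hostport = authority.rsplit('@').next().unwrap_or(authority);
    let host = if let Some(stripped) = hostport.strip_prefix('[') {
        let end = stripped.find(']')?;
        &stripped[..end]
    } else {
        hostport.split(':').next().unwrap_or(hostport)
    };
    if scheme.is_empty() || host.is_empty() {
        return None;
    }
    Some(UrlParts {
        scheme: scheme.to_ascii_lowercase(),
        host: host.to_ascii_lowercase(),
    })
}

/// Decide whether to follow `next`, given the chain of URLs requested so far
/// (`previous[0]` is the original request). Every rule fails closed.
pub fn decide(previous: &[&str], next: &str) -> Decision {
    // Rule 1: single redirect only. A second hop means a chain; refuse it.
    if previous.len() != 1 {
        return Decision::Stop;
    }
    let (from, to) = match (parse_url(previous[0]), parse_url(next)) {
        (Some(f), Some(t)) => (f, t),
        _ => return Decision::Stop, // unparseable target is never followed
    };
    // Rule 3: protocol upgrade only (http -> https); anything else is blocked.
    if from.scheme != "http" || to.scheme != "https" {
        return Decision::Stop;
    }
    // Rule 2: exact same host as the original request (port ignored, see lead-in).
    if from.host != to.host {
        return Decision::Stop;
    }
    Decision::Follow
}

fn main() {
    // constructed sample redirects, not captured traffic
    let cases = [
        (vec!["http://example.com/api"], "https://example.com/api"),
        (vec!["http://example.com/api"], "https://internal.example.com/api"),
        (vec!["http://example.com/api"], "http://example.com/other"),
        (vec!["http://example.com/api", "https://example.com/api"], "https://example.com/x"),
        (vec!["http://example.com/api"], "https://example.com@169.254.169.254/"),
    ];
    for (prev, next) in &cases {
        println!("{:?} -> {} : {:?}", prev, next, decide(prev, next));
    }
}
```

The decision is made against previous[0] rather than against the hop that issued the redirect; with a single redirect allowed those are the same URL, and checking the original makes the "same host as the original request" guarantee explicit rather than transitive.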