The best prevention is not allowing redirects at all or only
     allowing redirections that keep the hostname intact -- while an
     option for much software, it isn't an option for web browsers.
Partially scratch that -- restricting to ‘keeping hostname intact’ is 
insufficient, because there could be a DNS record that points 'website 
via http' to 127.0.0.1, and hence a redirect from https://website --> 
http://website can change IP addresses from global Internet to local 
computer.
Best regards,
Maxime Devos.
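
The point made in this message, shown as an added example that is not part of the original e-mail or of any project's code: a hostname-only rule accepts the redirect, while checking the addresses the target resolves to rejects it. The names `vet_redirect`, `same_host` and `constructed_resolver`, the host `website.example`, the addresses, and the per-port DNS table modelling "website via http" are all assumptions made for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

class RedirectBlocked(Exception):
    """Raised when following a redirect would leave the public Internet."""

def system_resolver(host, port):
    """All addresses the OS resolver returns for host (needs working DNS)."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def is_public(addr):
    """True only for globally routable addresses (not loopback, RFC 1918, ...)."""
    return ipaddress.ip_address(addr.split("%")[0]).is_global

def same_host(src_url, dst_url):
    """The hostname-only rule from the quoted text; insufficient on its own."""
    return urlsplit(src_url).hostname == urlsplit(dst_url).hostname

def vet_redirect(connected_addr, dst_url, resolver=system_resolver):
    """Return the addresses the client may connect to for dst_url.

    connected_addr is the IP the redirecting response actually came from.
    The caller must connect to one of the returned addresses rather than
    resolving again, otherwise the answer can change between check and use.
    """
    dst = urlsplit(dst_url)
    if dst.scheme not in ("http", "https") or not dst.hostname:
        raise RedirectBlocked("unsupported redirect target: " + dst_url)
    port = dst.port or (443 if dst.scheme == "https" else 80)
    addrs = resolver(dst.hostname, port)
    if not addrs:
        raise RedirectBlocked("redirect target does not resolve")
    if is_public(connected_addr):
        local = [a for a in addrs if not is_public(a)]
        if local:
            raise RedirectBlocked("public origin redirected to " + local[0])
    return addrs

# Constructed data: website.example answers differently for the http port.
CONSTRUCTED_DNS = {("website.example", 443): ["93.184.216.34"],
                   ("website.example", 80): ["127.0.0.1"]}

def constructed_resolver(host, port):
    """Offline stand-in for DNS, backed by the constructed table above."""
    return CONSTRUCTED_DNS.get((host, port), [])
```

A redirect between two local addresses is still allowed here, since only the move from a public origin to a non-public target is treated as the problem.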
