You may want to enable HSTS (HTTP Strict Transport Security) headers for your redirects to improve security.
If enabled, we will send the following header on every request:
Strict-Transport-Security: max-age=31536000; preload
If HSTS is enabled, we will also automatically upgrade your request to HTTPS first before executing the redirect itself. This improves security by keeping it on the same hostname on the HTTPS upgrade.
HSTS can be enabled on team level to set it for all domains. Or you can overrule the team default setting for a specific domain.
We recommend enabling this for all domains.