Host header injection and https redirections


We are using traefik as our k8s ingress and a configured it to redirect http requests to https using the following config on helm (additional arguments omitted):
- "" ## Forward all HTTP traffic to HTTPS

If a request with a malicious host header is made using https, traefik correctly responds with a 404 error. However, for requests using http, traefik returns a redirect response with the location set to whatever is in the Host header. This causes the client to resend the request to that location.

Is there a way to prevent this behavior while using global redirect scheme?