diff --git a/policy-test/tests/admit_http_route_gateway.rs b/policy-test/tests/admit_http_route_gateway.rs
index 49fd503617e5c..dd49854dbc324 100644
--- a/policy-test/tests/admit_http_route_gateway.rs
+++ b/policy-test/tests/admit_http_route_gateway.rs
@@ -3,6 +3,7 @@ use k8s_gateway_api::CommonRouteSpec;
 use k8s_gateway_api::HttpPathMatch;
 use k8s_gateway_api::HttpPathModifier;
 use k8s_gateway_api::HttpRequestMirrorFilter;
+use k8s_gateway_api::HttpRequestRedirectFilter;
 use k8s_gateway_api::HttpRoute;
 use k8s_gateway_api::HttpRouteFilter;
 use k8s_gateway_api::HttpRouteMatch;
@@ -136,6 +137,66 @@ async fn accepts_not_implemented_extensionref() {
     .await;
 }
 
+#[tokio::test(flavor = "current_thread")]
+async fn rejects_relative_path_match() {
+    admission::rejects(|ns| HttpRoute {
+        metadata: meta(&ns),
+        spec: HttpRouteSpec {
+            inner: CommonRouteSpec {
+                parent_refs: Some(vec![server_parent_ref(ns)]),
+            },
+            hostnames: None,
+            rules: Some(vec![HttpRouteRule {
+                matches: Some(vec![HttpRouteMatch {
+                    path: Some(HttpPathMatch::Exact {
+                        value: "foo/bar".to_string(),
+                    }),
+                    ..HttpRouteMatch::default()
+                }]),
+                filters: None,
+                backend_refs: None,
+            }]),
+        },
+        status: None,
+    })
+    .await;
+}
+
+#[tokio::test(flavor = "current_thread")]
+async fn rejects_relative_redirect_path() {
+    admission::rejects(|ns| HttpRoute {
+        metadata: meta(&ns),
+        spec: HttpRouteSpec {
+            inner: CommonRouteSpec {
+                parent_refs: Some(vec![server_parent_ref(ns)]),
+            },
+            hostnames: None,
+            rules: Some(vec![HttpRouteRule {
+                matches: Some(vec![HttpRouteMatch {
+                    path: Some(HttpPathMatch::Exact {
+                        value: "/foo".to_string(),
+                    }),
+                    ..HttpRouteMatch::default()
+                }]),
+                filters: Some(vec![HttpRouteFilter::RequestRedirect {
+                    request_redirect: HttpRequestRedirectFilter {
+                        scheme: None,
+                        hostname: None,
+                        path: Some(HttpPathModifier::ReplaceFullPath {
+                            replace_full_path: "foo/bar".to_string(),
+                        }),
+                        port: None,
+                        status_code: None,
+                    },
+                }]),
+                backend_refs: None,
+            }]),
+        },
+        status: None,
+    })
+    .await;
+}
+
 fn server_parent_ref(ns: impl ToString) -> ParentReference {
     ParentReference {
         group: Some("policy.linkerd.io".to_string()),