I figured I was very wrong from the beginning. If a user hits http it would be a GET by nature and hence forced to redirect to a viewable page that runs on HTTPS. You are right.
My script would work in the test machine only because I did something special.