Just asserting Location header is not enough, as http status code value is important for the implementation, so assert for its value.

Also fix https-only redirect status code value, which supposed to be FOUND, not default MOVED_PERMANENTLY.