Ok, so I did some digging in the Apache logs and discovered that any time I made an ajax request from the C3 IDE, it wasn't even hitting the server. Run locally on the server, the GET requests were logged with no errors.
Since you guys say it works, I got to looking at the browser as a problem. Sure enough, one tiny little icon in the top right corner of Chrome notified me that this was an 'unsafe script'
I clicked on that, and the project did a proper ajax request and I got the proper response back
Since this script blocking didn't occur when run from html5 uploaded to the server and only occurred when running from the C3 IDE, I'm going to assume that my visitors aren't going to have this same issue with script blocking. Otherwise, them trying to spot that little warning icon is going to cause them to quickly give up.
Thanks for the suggestion guys, you put me on the right path.