CONSOLE ERROR: Mixed Content: The page at 'https://127.0.0.1:8443/security/mixedContent/resources/frame-with-data-url-frame-with-script.html' was loaded over HTTPS, but requested an insecure script 'http://127.0.0.1:8080/security/mixedContent/resources/script.js'. This request has been blocked; the content must be served over HTTPS.
This test opens a window that loads a data: iframe that loads an insecure script, and that the script is still blocked. Although the data: frame has a separate origin, the script can still navigate top.