Steps to reproduce the problem:
1. Created a test website with the following HTML
<html>
<title>Test</title>
<head>
<script src="https://cdnjs.cloudflare.com/ajax/libs/airbrake-js/0.9.4/client.js"></script>
<script>
    airbrake = new airbrakeJs.Client({projectId: , projectKey: ''}); // Removed our specific details for airbrake
    try {
         function test() {
              iframe = document.createElement('iframe');
              iframe.src = "//webpagetest.org";
              document.body.appendChild(iframe);
         }
    } catch (e) {
        airbrake.notify(e);
    }
</script>
<script>window.onerror = function (msg, url, lineNo, columnNo, error) {
       console.log("caught error");
       airbrake.notify(msg);
       return false;
     }</script>
</head>
<body onload="test()">
<h1>Hi.</h1>
</body>
</html>

2. Loaded the test webpage on the latest chrome version on iOS

3. Received a SecurityError (DOM Exception 18): Blocked a frame with origin "http://mywebsite from accessing a frame with origin "https://www.webpagetest.org". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "https". Protocols must match. from the following method(s)

:1:297 in hasPasswordField_
:1:428 in hasPasswordField_
:1:173 in findPasswordForms
:9:27 in global code

What is the expected behavior?
No security error as my code is not attempting any cross origin requests

What went wrong?
Received security errors which we cannot prevent

Did this work before? Yes We believe the version prior to this worked as we saw a spike in errors shortly after the release of this version

Chrome version: 60.0.3112.89  Channel: stable
OS Version: iOS 10
Flash Version: