This test loads a secure iframe that loads an insecure style sheet. We should trigger a mixed content callback because an active network attacker can use CSS3 to breach the confidentiality of the HTTPS security origin.