This is par for the course, however, as there is a large move from HTTP to HTTPS traffic, and Google.com and Chrome, in many cases, are warning users who browse to insecure HTTP hosted websites.
While this is true and good, the much simpler reason I guess is that a non-HTTPS access from the extension’s iframe just wouldn’t be allowed in an HTTPS context (which Twitch is by default) by common browsers.