Ensure that object graphs are collected from secure context

[foolip]

I've been playing with https://github.com/mdittmer/web-apis#manual-data-collection-setup to get data from browsers (and versions) not available on BrowserStack.

Setting it up, I could use HTTPS or not, and the easiest thing for me would be to use HTTPS since I have HSTS enabled on foolip.org which I'd use to test.

Since more APIs are exposed on secure contexts, it would make sense to assert in the data collection that isSecureContext is either undefined or true, but never false. The assumption is that any browser that limits any API to secure contexts will also have isSecureContext.

@mdittmer, does this make sense, and where would the check have to be to also fail in the case of automated data collection from BrowserStack?