Thanks HJ,
Using a HTTPS URL made the script load when browsing the shop in secure more as you said.
However, now I run into a certificate issue that displays an alert in my browser when I use the HTTPS url to display a shop and it seems to also prevent some of the other assets my app uses from loading properly (I get a "identity not verified" warning).
I think it's a more a matter of setting up the CDN properly that a Shopify issue though...