I tested with 3 browser configs:
OSX, Firefox 54, strict config
Referer:https://forum.mysite.com/embed/comments?embed_url=https%3A%2F%2Fmysite.com%2Ffoo%2Fbar%2F The referer did not match any of the following hosts: mysite.com
Failed to execute ‘postMessage’ on ‘DOMWindow’: The target origin provided (‘https://forum.mysite.com’) does not match the recipient window’s origin (‘https://mysite.com’).
OSX, Firefox 54, everything enabled
Load denied by X-Frame-Options: https://forum.mysite.com/login does not permit cross-origin framing.
WinXP, Firefox 52, everything enabled
The embedded comments are working fine.