We use Discourse embedding for Jekyll at New ROOT Web Site! - ROOT - works like a charm! Unless - the browser is suppressing the
Referer: header, in which case we get a
400 Bad Request. Try yourself - if you switch to a private Firefox window (which suppresses referrers) then embedding is broken. Same for Safari which seems to be a bit stricter on handing out referrers.
I cross checked by looking at https://root-forum.cern.ch/embed/comments?embed_url=https%3A%2F%2Froot.cern%2Fblog%2Fnew-web-site%2F in a Firefox private window which gives me a HTTP 400; then editing the request to add
Referer: https://root.cern/blog/new-web-site/ - and the 400 turns into a 200 happiness.
We do have “embed any origin” enabled. We have comments for exactly one embedding site. Is there a way we can make that work?