Not being a developer, this thread leaves me puzzled about what the conclusion is regarding embedding discourse in an IFRAME. When you say:
This sounds to me like: problem solved, especially since - in my case - everything would not only be happening under the same domain but even on the same server. But my understaning is also that this is nevertheless not supported and therefore not recommended for people like me. But why? If trusted domains can be specified?