Thanks for looking into this even deeper...
I am not knowledgeable enough about how cookies work inside iframes, so, will pass on your reply to our lead developer for feedback.
From my perspective, it seems that there still needs to be a trigger such as the ?keywod=value string in the URL, which can be invoked from inside the iframe (as the source URL). If this cookie solution can be made to work that way, I think this will be a good workaround. What do you think?