Right, sorry, I guess we are painted into a corner this way. I guess it can be done with just SecureURLParams, using that between edge and origin as well.
I tried it, this works between edge and origin: Make sure you only have ModuleSecureURLParams enabled in the origin Application.xml, then add this Property to the Properties container at the bottom of that file:
Then in the edge Application.xml add the querystring to the /Repeater /QueryString like this:
You can use .stream files or the /OriginURL method of connecting to the origin.