Enable AJAX blocking behavior (JavaScript injection)?

Final results :

Bug 1 : even if you disable AJAX response in your security policy, you get an AJAX response page as long as there is x-ts-ajax-request:true header present in the request.

Bug 2 : The feature inject a javascript code within the site which works fine for all browsers except IE11. The browser refuse to execute the code for security reasons. After checking, it sounds that it's a bug on IE11, but Microsoft states in a blog post that only security issues will be fixed. After digging into the Internet Explorer configuration, this is working when we set Compatibility Mode to IE8 but most of modern websites fail in that case.