Is possible to bypass this behavior?

Here, we make authentication through ajax requests, and this fix breaks it.