We had on server this thing set
http-response set-header X-Frame-Options DENY
Which in the end made all the ajax form on node edit/add, product edit/add stop working and throwing out errors on browser console.
Refused to display 'https://dev.site.com/system/ajax' in a frame because it set 'X-Frame-Options' to 'DENY'.
So this cant be used that way in drupal.