Hi @jinder_Singh , thanks for the announcement!
But we use cross-domain CSRF for SAML authentication to Okta, and we have another client that uses it for logging in from their custom frontend (albeit on an old version of Open edX, and there may be better APIs for this now CC @itsjeyd ).
Instead of removing this middleware entirely, could it be moved to a plugin so that users who need it can still use it?