Cors-policy in my application allows requests only from one specific domain. Is csrf-token redundant in this case?
