From c67cc8722e3b26b729c3fed75db51395b56ac8a0 Mon Sep 17 00:00:00 2001
From: Michael Merickel <michael@merickel.org>
Date: Thu, 17 Oct 2019 01:03:04 -0500
Subject: remove check_csrf view predicate

---
 docs/narr/security.rst | 23 -----------------------
 1 file changed, 23 deletions(-)

(limited to 'docs/narr/security.rst')

diff --git a/docs/narr/security.rst b/docs/narr/security.rst
index 2a7034a19..62730e7a8 100644
--- a/docs/narr/security.rst
+++ b/docs/narr/security.rst
@@ -896,26 +896,3 @@ If CSRF checks fail then a :class:`pyramid.exceptions.BadCSRFToken` or
 exception may be caught and handled by an :term:`exception view` but, by
 default, will result in a ``400 Bad Request`` response being sent to the
 client.
-
-Checking CSRF Tokens with a View Predicate
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-.. deprecated:: 1.7
-   Use the ``require_csrf`` option or read :ref:`auto_csrf_checking` instead
-   to have :class:`pyramid.exceptions.BadCSRFToken` exceptions raised.
-
-A convenient way to require a valid CSRF token for a particular view is to
-include ``check_csrf=True`` as a view predicate. See
-:meth:`pyramid.config.Configurator.add_view`.
-
-.. code-block:: python
-
-     @view_config(request_method='POST', check_csrf=True, ...)
-     def myview(request):
-         # ...
-
-.. note::
-   A mismatch of a CSRF token is treated like any other predicate miss, and the
-   predicate system, when it doesn't find a view, raises ``HTTPNotFound``
-   instead of ``HTTPBadRequest``, so ``check_csrf=True`` behavior is different
-   from calling :func:`pyramid.csrf.check_csrf_token`.
-- 
cgit v1.2.3