Dynamic Forms and AntiForgeryToken MVC

Question

I want to create dynamic forms on a MVC page that will generate something like this.

onclick="
    var f = document.createElement('form'); 
    f.style.display = 'none'; 
    this.parentNode.appendChild(f); 
    f.method = 'POST'; 
    f.action = this.href;
    var s = document.createElement('input'); 
    s.setAttribute('type', 'hidden');
    s.setAttribute('name', 'authenticity_token'); 
    s.setAttribute('value', '6I6td2wJRI9Nu5Au/F3EfOQhxJbEMXabuVXM0nXonkY=');
    f.appendChild(s);
    f.submit();
    return false;"

I am just not sure how I can implement the AntiForgeryToken on something like above?!? any helpwould be appreciated

Answer 1

It seems that you are calling dynamic forms is in fact an effort to convert anchor links into forms so that you can POST instead of GET. In this case I would recommend you to generate the form directly on the server instead of bothering with emitting a link which you would later turn into a form using all this javascript in the onclick event:

So instead of:

<%= Html.ActionLink("OK", "controller", "action", null, 
    new { onclick = "Some ugly javascript" })%>

you could directly:

<% using (Html.BeginForm("controller", "action")) { %>
    <%= Html.AntiForgeryToken() %>
    <input type="submit" value="OK" />
<% } %>