I ran into a scenario where I have to programmatically submit an asp.net MVC form using JavaScript (form.Submit()) when the user clicks a button outside of the form tags.

I believe when this is the case, none of the built-in ASP.NET MVC functionality is applied. Please correct me if I am wrong.

  1. No AntiForgery token is validated (which should work with the Controller tag [ValidatAntiForgeryToken])
  2. Unobtrusive validation does not work

I am assuming that in this scenario there really isn't much of an option but to figure out another way to handle CSRF. Additionally, another way to handle client-side validation, not being able to validate based on model data-annotations.

Related posts

Recent Viewed