Has anyone had to deal with several AntiForgeryTokens in a child view of the homepage? The scenario I'm thinking of is as follows:
- The view contains a form with AntiForgeryToken displayed as a hidden field.
- The view is contained on the home page with another form provided by AJAX.
The problem here is that I need to encapsulate the hidden field in the form and at the same time I need to display another token for sending in the submitted AJAX form on the main page. I can not make any assumptions that the token will be displayed on the child page, since there can be no form on its child page.
My first thought was to display one global AntiForgeryToken for the entire page that all messages used, but then the forms would not publish the token, since the hidden input field would be located outside the form.
Thanks for any advice!
source share