I have a multi step form which uses one model object and I need to persist it between the steps. The object gets saved to the database only after the final step. I have seen people suggest using HTML.Serialize but how secure is this option?
Also my model object will grow as the user fills up the form which means the hidden form field with serialized data will add up size to my HTML output.
Whats the best practice for this kind of situation?
I've use the TempData for this purpose.
You can store an object (a copy of your model data) in TempData, and use it in the next request. If it is not set-back in the next request it will be "destroyed". So you do not have to worry that it is filling up your session.