Very often, I would write GET and POST actions in the same method. This allows fall through to that same code we used for GET request if POST validation fails, ensuring consistency.

public ActionResult EditPerson(Person person)
{
	if (Request.HttpMethod == "POST" && ModelState.IsValid)
	{
		// do edit person...

		return RedirectToAction("Index");
	}

	// do get person

	return View(person);
}

If I use that sort of paradigm, then the [VerifyAntiForgeryToken] attribute would block both GET and POST requests when the token is not supplied. I want the token to be only verified when I POST. Since ASP.NET MVC is extensible, the normal way to go about that would be modify the behaviour of [VerifyAntiForgeryToken] by subclassing. Unfortuantely, VerifyAntiForgeryTokenAttribute is sealed which means it can’t be inherited from. Luckily, borrowing from the same trick that Http*Base classes use to combat sealed Http* classes, we can just create a new attribute that wraps the old attribute, implementing the same members and proxying the calls back to the wrapped base class. That’s exactly what I did and it works quite well. The result is [ValidateAntiForgeryTokenOnPost] which will only verify the form anti-forgery token on a POST request:

[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false, Inherited = true)]
public class ValidateAntiForgeryTokenOnPostAttribute : FilterAttribute, IAuthorizationFilter
{
	private ValidateAntiForgeryTokenAttribute _wrapped;
	public ValidateAntiForgeryTokenOnPostAttribute()
	{
		_wrapped = new ValidateAntiForgeryTokenAttribute();
	}

	public string Salt { get { return _wrapped.Salt; } set { _wrapped.Salt = value; } }

	public void OnAuthorization(AuthorizationContext filterContext)
	{
		if (filterContext.HttpContext.Request.HttpMethod == "POST")
		{
			_wrapped.OnAuthorization(filterContext);
		}
	}
}

This will teach those sealed classes!

public ActionResult SavePerson(Person person)

as the action method signature, SavePerson will be executed with the parameter equivalent to

new Person() { FirstName = "John", LastName = "Smith" }

The default model binder is pretty powerful, using reflection to dig out and assign all the fields. It also supports arrays and dictionaries, but with big limitations. The array must start at 0 and be unbroken. That is understandable for arrays, but what if you had a dictionary? Surely it can start at any position? Not so. The dictionary has even more obscure requirements, with the need to specify explicit .Key and .Value parameters in your form submission. For example:
dict[0].Key=mykey&dict[0].Value=myvalue
This represented extra work to generate the form on the client side. I just want to input something more intuitive like:
dict[mykey]=myvalue
The ASP.NET MVC framework is highly extensible. It allows you to define your own custom model binder so that’s exactly what I did. Inheriting off DefaultModelBinder, I created DefaultDictionaryBinder that overrode the BindModel method and intercepts when a IDictionary<,> class is being bound.

public class DefaultDictionaryBinder : DefaultModelBinder
{
	public override object BindModel(ControllerContext controllerContext, ModelBindingContext bindingContext)
	{
		Type modelType = bindingContext.ModelType;
		Type idictType = modelType.GetInterface("System.Collections.Generic.IDictionary`2");
		if (idictType != null)
		{
			object result = null;

			Type[] ga = idictType.GetGenericArguments();
			IModelBinder valueBinder = Binders.GetBinder(ga[1]);

			foreach (string key in bindingContext.ValueProvider.Keys)
			{
				if (key.StartsWith(bindingContext.ModelName + "[", StringComparison.InvariantCultureIgnoreCase))
				{
					int endbracket = key.IndexOf("]", bindingContext.ModelName.Length + 1);
					if (endbracket == -1)
						continue;

					object dictKey;
					try
					{
						dictKey = Convert.ChangeType(key.Substring(bindingContext.ModelName.Length + 1, endbracket - bindingContext.ModelName.Length - 1), ga[0]);
					}
					catch (FormatException)
					{
						continue;
					}

					ModelBindingContext innerBindingContext = new ModelBindingContext()
					{
						Model = null,
						ModelName = key.Substring(0, endbracket + 1),
						ModelState = bindingContext.ModelState,
						ModelType = ga[1],
						ValueProvider = bindingContext.ValueProvider
					};
					object newPropertyValue = valueBinder.BindModel(controllerContext, innerBindingContext);

					if (result == null)
						result = CreateModel(controllerContext, bindingContext, modelType);

					if (!(bool)idictType.GetMethod("ContainsKey").Invoke(result, new object[] { dictKey }))
						idictType.GetProperty("Item").SetValue(result, newPropertyValue, new object[] { dictKey });
				}
			}

			return result;
		}
		return base.BindModel(controllerContext, bindingContext);
	}
}

To use, you have to override the default model binder. In global.asax.cs in Application_Start(), add the line:

ModelBinders.Binders.DefaultBinder = new DefaultDictionaryBinder();

The code is very flexible, only requiring the dictionary key to be of a basic type convertible from string, ie. Dictionary or Dictionary. The value can be any object that is able to be bound by the default model binder.
An example follows:
If your form input is
persons[3].FirstName=John&persons[3].LastName=Smith&persons[4].FirstName=Jane&persons[4].LastName=Doe&
and our action signature

public ActionResult SavePersons(Dictionary<int, Person> persons)

the persons parameter would be

new Dictionary<int, Person>() {
{ 3, new Person() {"John", "Smith"} },
{ 4, new Person() {"Jane", "Doe"} },
}

Simple and intuitve.