Umm... pardon me, but non-editable fields? In a browser? Just say
NO!
In order to make the fields non-editable you have to assume things about the functionality of the user's browser. If the user gets to supply his own browser all bets are off. Imagine how you would support non-editable fields if the user connected to your server with "telnet www.victim.com 80".
The usual solution is to establish a session state, so you can validate that hidden or non-edit fields really have the right values in them, all the fields are there, and the user didn't add anything (that matters.)
In the case of a simple deletion, you might want to repeat whatever logic you used to determine that the user is authorized to delete this object, instead of checking the session state. That could be less code, or more, depending on how your authorization works.