can helping me for ajax security issue for XSS
<script>
$("#frm1").validationEngine();
$("#reset").click(function(){
val = $(this).html();
pass = $('#pass').val();
re_pass = $('#re_pass').val();
code = '<?=$this->uri->segment(4)?>';
if(val != 'Loading...'){
if ($("#frm1").validationEngine('validate')) {
$(this).html('Loading...');
$.ajax({
url : '<?=site_url('forgot/update_pwd')?>',
type : 'POST',
data : 'pass='+pass+'&re_pass='+re_pass+'&code='+code,
error : function() {alert('error!');},
dataType : 'json',
success : function(ret){
if (ret.error == 1) {
notify(ret.message,'error');
}
else{
$('#success').removeClass('hide');
}
$('#reset').html(val);
return false;
}
});
}
}
})
</script>
i want to added <?php echo $this->security->get_csrf_token_name(); ?>':'<?php echo $this->security->get_csrf_hash(); ?> on javascripts
can helping me please...