Convert file indentation to spaces

app/views/layouts/tutorial/insecure_dor/_insecure_dor_first.html.erb

@@ -17,8 +17,8 @@
           <div class="accordion-body in collapse" id="collapseOne" style="height: auto;">
             <div class="accordion-inner">
               <p class="desc">
-	Applications frequently use the actual name or key of an object when generating web pages. Applications don’t always verify the user is authorized for the target object. This results in an insecure direct object reference flaw. Testers can easily manipulate parameter values to detect such flaws. Code analysis quickly shows whether authorization is properly verified.
-	 		  </p>
+  Applications frequently use the actual name or key of an object when generating web pages. Applications don’t always verify the user is authorized for the target object. This results in an insecure direct object reference flaw. Testers can easily manipulate parameter values to detect such flaws. Code analysis quickly shows whether authorization is properly verified.
+        </p>
             </div>
           </div>
         </div>
@@ -33,26 +33,26 @@
           <div class="accordion-body collapse" id="collapseTwo" style="height: 0px;">
             <div class="accordion-inner">
               <p class="desc">
-				Within the app/controllers/work_info_controller.rb file the follow code can be found:
-	 		  </p>
-	 		  <pre class="ruby">
-				<%= %q{
-				 class WorkInfoController < ApplicationController
+        Within the app/controllers/work_info_controller.rb file the follow code can be found:
+        </p>
+        <pre class="ruby">
+        <%= %q{
+         class WorkInfoController < ApplicationController
 
-				  def index
-				    @user = User.find_by_user_id(params[:user_id])
-				    if !(@user)
-				      flash[:error] = "Sorry, no user with that user id exists"
-				      redirect_to home_dashboard_index_path
-				    end
-				  end
+          def index
+            @user = User.find_by_user_id(params[:user_id])
+            if !(@user)
+              flash[:error] = "Sorry, no user with that user id exists"
+              redirect_to home_dashboard_index_path
+            end
+          end
 
-				end
-				} %>
-			  </pre>
-			  <p class="desc">
-				Instead of using the current_user object which, takes the user ID value from the user's session and is normally resilient against tampering, the user ID is pulled from the request parameter (user id in the RESTful URL). Additionally, even in the session, User IDs should be sufficiently random and the sessions stored in a persistent manner (ActiveRcord) versus using the Base64 encoded / HMAC validation session schema.
-			  </p>
+        end
+        } %>
+        </pre>
+        <p class="desc">
+        Instead of using the current_user object which, takes the user ID value from the user's session and is normally resilient against tampering, the user ID is pulled from the request parameter (user id in the RESTful URL). Additionally, even in the session, User IDs should be sufficiently random and the sessions stored in a persistent manner (ActiveRcord) versus using the Base64 encoded / HMAC validation session schema.
+        </p>
             </div>
           </div>
         </div>
@@ -67,27 +67,27 @@
           <div class="accordion-body collapse" id="collapseThree" style="height: 0px;">
             <div class="accordion-inner">
               <p><b>Insecure Direct Object Reference - ATTACK</b></p>
- 			  <p class="desc">
-				 Navigate to the work info page, observe your user ID in the URL /users/<%= "<:user id>"%>/work_info.
-				 Now change it to someone else's user ID.<br/><br/> Example - /users/2/work_info
-	          </p>
-			  <p><b>Insecure Direct Object Reference - SOLUTION</b></p>
-			  <p class="desc">
-				The easiest way to fix this is to reference the current_user object. Also, it might make sense to not disclose any more sensitive information than necessary (re: error message).
-	          </p>
-			  <pre class="ruby">
-				  def index
-				    <span style="background-color:yellow">@user = current_user</span>
-				    if !(@user) || @user.admin
-				      <span style="background-color:yellow">flash[:error] = "Apologies, looks like something went wrong"</span>
-				      redirect_to home_dashboard_index_path
-				    end
-				  end
-			  </pre>
+        <p class="desc">
+         Navigate to the work info page, observe your user ID in the URL /users/<%= "<:user id>"%>/work_info.
+         Now change it to someone else's user ID.<br/><br/> Example - /users/2/work_info
+            </p>
+        <p><b>Insecure Direct Object Reference - SOLUTION</b></p>
+        <p class="desc">
+        The easiest way to fix this is to reference the current_user object. Also, it might make sense to not disclose any more sensitive information than necessary (re: error message).
+            </p>
+        <pre class="ruby">
+          def index
+            <span style="background-color:yellow">@user = current_user</span>
+            if !(@user) || @user.admin
+              <span style="background-color:yellow">flash[:error] = "Apologies, looks like something went wrong"</span>
+              redirect_to home_dashboard_index_path
+            end
+          end
+        </pre>
             </div>
           </div>
         </div>
-      	<div class="accordion-group">
+        <div class="accordion-group">
           <div class="accordion-heading">
             <a  style="background-color: rgb(181, 121, 158)" href="#collapseFour" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
               <i class="icon-aid icon-white">
@@ -101,6 +101,6 @@
             </div>
           </div>
         </div>
-	</div>
+  </div>
     </div>
   </div>