Extended and fixed some lessons

webgoat-lessons/csrf/src/main/resources/i18n/WebGoatLabels.properties

@@ -20,7 +20,7 @@ csrf-review-hint3=This one has a weak anti-CSRF protection, but you do need to o
 
 csrf-feedback-hint1=Look at the content-type.
 csrf-feedback-hint2=Try to post the same message with content-type text/plain
-csrf-feedback-hint3=The json can be put into a hidden field inside 
+csrf-feedback-hint3=The json can be put into a hidden field inside
 
 csrf-feedback-invalid-json=Invalid JSON received.
 csrf-feedback-success=Congratulations you have found the correct solution, the flag is: {0}