diff --git a/src/main/resources/lessons/missingac/i18n/WebGoatLabels.properties b/src/main/resources/lessons/missingac/i18n/WebGoatLabels.properties
index 05fcb449d..82ed8289b 100644
--- a/src/main/resources/lessons/missingac/i18n/WebGoatLabels.properties
+++ b/src/main/resources/lessons/missingac/i18n/WebGoatLabels.properties
@@ -15,7 +15,7 @@ access-control.hash.hint1=This assignment involves one simple change in a GET re
 access-control.hash.hint2=If you haven't found the hidden menus from the earlier exercise, go do that first.
 access-control.hash.hint3=When you look at the users page, there is a hint that more info is viewable by a given role.
 access-control.hash.hint4=Have you tried tampering the GET request? Different content-types?
-access-control.hash.hint5=Modify the GET request to `/access-control/users` to include 'Content-Type: application/json'
+access-control.hash.hint5=Modify the GET request to '/access-control/users' to include 'Content-Type': 'application/json'
 
 access-control.hash.hint6=Now for the harder way ... it builds on the easier way
 access-control.hash.hint7=If the request to view users, were a 'service' or 'RESTful' endpoint, what would be different about it?