From 8e1937400067cd82e8c2a948d074f611d326aedc Mon Sep 17 00:00:00 2001
From: Ugur Yilmaz <u.yilmaz91@gmail.com>
Date: Thu, 25 Jun 2020 16:14:14 +0100
Subject: [PATCH] fix null derefence example does

---
 .../main/java/org/owasp/webgoat/idor/IDOREditOtherProfiile.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/webgoat-lessons/idor/src/main/java/org/owasp/webgoat/idor/IDOREditOtherProfiile.java b/webgoat-lessons/idor/src/main/java/org/owasp/webgoat/idor/IDOREditOtherProfiile.java
index 133e832de9..3aae3ddf1f 100644
--- a/webgoat-lessons/idor/src/main/java/org/owasp/webgoat/idor/IDOREditOtherProfiile.java
+++ b/webgoat-lessons/idor/src/main/java/org/owasp/webgoat/idor/IDOREditOtherProfiile.java
@@ -81,7 +81,7 @@ public AttackResult completed(@PathVariable("userId") String userId, @RequestBod
             return failed(this).feedback("idor.edit.profile.failure4").build();
         }
 
-        if (currentUserProfile.getColor().equals("black") && currentUserProfile.getRole() <= 1) {
+        if ("black".equals(currentUserProfile.getColor()) && currentUserProfile.getRole() <= 1) {
             return success(this)
                     .feedback("idor.edit.profile.success2")
                     .output(userSessionData.getValue("idor-updated-own-profile").toString())