diff --git a/test/utility.js b/test/utility.js
index ec16afda6..750c56597 100644
--- a/test/utility.js
+++ b/test/utility.js
@@ -466,18 +466,18 @@
   });
 
   QUnit.test('#2911 - _.template must not trigger CVE-2021-23337.', function(assert) {
-      QUnit.holyProperty = 'holy';
-      var invalidVariableNames = [
-          '){delete QUnit.holyProperty}; with(obj',
-          '(x = QUnit.holyProperty = "evil"), obj',
-          'document.write("got you!")'
-      ];
-      _.each(invalidVariableNames, function(name) {
-          assert.throws(function() { _.template('', { variable: name })(); });
-      });
-      var holy = QUnit.holyProperty;
-      delete QUnit.holyProperty;
-      assert.strictEqual(holy, 'holy');
+    QUnit.holyProperty = 'holy';
+    var invalidVariableNames = [
+      '){delete QUnit.holyProperty}; with(obj',
+      '(x = QUnit.holyProperty = "evil"), obj',
+      'document.write("got you!")'
+    ];
+    _.each(invalidVariableNames, function(name) {
+      assert.throws(function() { _.template('', { variable: name })(); });
+    });
+    var holy = QUnit.holyProperty;
+    delete QUnit.holyProperty;
+    assert.strictEqual(holy, 'holy');
   });
 
 }());