Bidirectional Override Fields Fuzzer

| Item | Description |
|---|---|
| Full Fuzzer Name | BidirectionalOverrideFieldsFuzzer |
| Log Key | BOF |
| Description | This fuzzer injects bidirectional-override Unicode control characters into string fields to detect Trojan Source–style ambiguities, log-forging issues, and UI or parsing inconsistencies. Such characters can visually reorder text while preserving the original byte sequence, potentially misleading reviewers, logs, or downstream systems. |
| Enabled by default? | Yes |
| Target field types | OpenAPI type string (non-enum) |
| Expected result when fuzzed field is required | 4XX (or 2XX if sanitize-first mode is enabled) |
| Expected result when fuzzed field is optional | 4XX (or 2XX if sanitize-first mode is enabled) |
| Expected result when fuzzed value does not match the field pattern | 4XX (or 2XX if sanitize-first mode is enabled) |
| Fuzzing logic | Iteratively replaces each eligible string field with multiple variants containing bidirectional override characters:<br>1. Prepend RLO (U+202E) to the original value, visually reversing the entire string.<br>2. Inject RLO/PDF (U+202E / U+202C) after the first character, reversing the remainder of the string while restoring direction at the end.<br>3. Append RLO to the original value, which can flip subsequent text in logs or concatenated outputs.<br>All variants preserve the original characters but alter visual rendering. |
| Conditions when this fuzzer will be skipped | When the field is not of type string, OR the schema defines an enum, OR the field is not present in the request payload. |
| HTTP methods that will be skipped | HEAD, GET, DELETE |
| Reporting | Reports error if: 1. the response code is 404; 2. the response code is documented, but not expected; 3. any unexpected exception occurs.<br>Reports warn if: 1. the response code is expected and documented, but the response does not match the response schema; 2. the response code is expected, but not documented; 3. the response code is 501.<br>Reports success if: 1. the response code is expected, documented and the response matches the response schema. |
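
The following Python sketch is an added example, not the fuzzer's own code and not part of the original page. It builds the three variants as described under Fuzzing logic and shows a server-side check that yields the expected 4XX, or 2XX when sanitizing first. The function names, the 400/200 status codes, the sample value and the reading of variant 2 as first character + RLO + remainder + PDF are assumptions.

```python
import unicodedata

RLO = "\u202e"  # RIGHT-TO-LEFT OVERRIDE
PDF = "\u202c"  # POP DIRECTIONAL FORMATTING

# Unicode bidi classes of the explicit embedding, override and isolate controls.
EXPLICIT_BIDI = {"LRE", "RLE", "LRO", "RLO", "PDF", "LRI", "RLI", "FSI", "PDI"}


def bof_variants(value):
    """Three payloads, following the page's description of the fuzzing logic."""
    return [
        RLO + value,                        # 1. prepend RLO
        value[:1] + RLO + value[1:] + PDF,  # 2. assumed layout: RLO after first char, PDF at end
        value + RLO,                        # 3. append RLO
    ]


def find_bidi_controls(value):
    """Return (index, bidi class) for every explicit bidi control in value."""
    return [(i, unicodedata.bidirectional(c)) for i, c in enumerate(value)
            if unicodedata.bidirectional(c) in EXPLICIT_BIDI]


def handle_field(name, value, sanitize_first=False):
    """Hypothetical handler: reject (400), or strip and accept (200) when sanitizing first."""
    hits = find_bidi_controls(value)
    if not hits:
        return 200, value
    if sanitize_first:
        drop = {i for i, _ in hits}
        return 200, "".join(c for i, c in enumerate(value) if i not in drop)
    return 400, f"{name}: bidi control {hits[0][1]} at index {hits[0][0]}"


def log_safe(value):
    """Escape bidi controls so a log line shows them instead of being reordered."""
    return "".join(f"\\u{ord(c):04x}" if unicodedata.bidirectional(c) in EXPLICIT_BIDI else c
                   for c in value)


if __name__ == "__main__":
    for payload in bof_variants("admin"):  # "admin" is a constructed sample value
        print(log_safe(payload), handle_field("username", payload))
```

Matching on the Unicode bidi class rather than only on U+202E and U+202C also catches the other embedding, override and isolate controls, which goes slightly beyond the two characters this fuzzer injects.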