Fields Playbooks

Fields playbooks focus on testing the overall validation and handling of individual request fields. These playbooks are essential for verifying type safety, boundary enforcement, Unicode handling, and structural resilience at the field level.

There are 67 fields playbooks, which can be grouped into the following categories:

Boundary and Constraints

• IntegerFieldsLeftBoundaryPlaybook: Out-of-range integers on the left boundary
• IntegerFieldsRightBoundaryPlaybook: Out-of-range integers on the right boundary
• DecimalFieldsLeftBoundaryPlaybook: Out-of-range decimals on the left boundary
• DecimalFieldsRightBoundaryPlaybook: Out-of-range decimals on the right boundary
• ExtremePositiveNumbersInIntegerFieldsPlaybook: Extreme positive integer values
• ExtremeNegativeNumbersInIntegerFieldsPlaybook: Extreme negative integer values
• ExtremePositiveNumbersInDecimalFieldsPlaybook: Extreme positive decimal values
• ExtremeNegativeNumbersInDecimalFieldsPlaybook: Extreme negative decimal values
• MinLengthExactValuesInStringFieldsPlaybook: Exact string minLength values
• MaxLengthExactValuesInStringFieldsPlaybook: Exact string maxLength values
• MinimumExactNumbersInNumericFieldsPlaybook: Exact minimum numeric values
• MaximumExactNumbersInNumericFieldsPlaybook: Exact maximum numeric values
• StringFieldsLeftBoundaryPlaybook: Out-of-range strings on the left boundary
• StringFieldsRightBoundaryPlaybook: Out-of-range strings on the right boundary
• MinGreaterThanMaxFieldsPlaybook: Lower-bound field greater than upper-bound field

Type and Format Validation

• StringsInNumericFieldsPlaybook: Strings sent to numeric fields
• DecimalNumbersInIntegerFieldsPlaybook: Decimals sent to integer fields
• RandomStringsInBooleanFieldsPlaybook: Random strings sent to boolean fields
• StringFormatAlmostValidValuesPlaybook: Almost-valid formatted strings
• StringFormatTotallyWrongValuesPlaybook: Totally invalid formatted strings
• IterateThroughEnumValuesFieldsPlaybook: Valid enum values iteration
• InvalidValuesInEnumsFieldsPlaybook: Invalid enum values
• EnumCaseVariantFieldsPlaybook: Case-variant enum values
• HomoglyphEnumFieldsPlaybook: Homoglyph-altered enum values
• EmptyStringsInFieldsPlaybook: Empty string values
• NullValuesInFieldsPlaybook: Null values in fields

Unicode, Emojis, Special Characters

• AbugidasInStringFieldsSanitizeValidatePlaybook: Abugidas characters in fields
• HangulFillerFieldsSanitizeValidatePlaybook: Hangul filler characters
• BidirectionalOverrideFieldsPlaybook: Bidirectional-override characters
• ZalgoTextInFieldsSanitizeValidatePlaybook: Zalgo text
• ZeroWidthCharsInValuesFieldsSanitizeValidatePlaybook: Zero-width characters in values
• LeadingSingleCodePointEmojisInFieldsTrimValidatePlaybook: Leading single-codepoint emojis
• LeadingMultiCodePointEmojisInFieldsTrimValidatePlaybook: Leading multi-codepoint emojis
• TrailingSingleCodePointEmojisInFieldsTrimValidatePlaybook: Trailing single-codepoint emojis
• TrailingMultiCodePointEmojisInFieldsTrimValidatePlaybook: Trailing multi-codepoint emojis
• WithinSingleCodePointEmojisInStringFieldsTrimValidatePlaybook: Emojis within values (single codepoint)
• WithinMultiCodePointEmojisInStringFieldsTrimValidatePlaybook: Emojis within values (multi codepoint)
• OnlySingleCodePointEmojisInFieldsTrimValidatePlaybook: Single codepoint emojis only
• OnlyMultiCodePointEmojisInFieldsTrimValidatePlaybook: Multi codepoint emojis only
• UppercaseExpandingBytesInStringFieldsPlaybook: Strings that expand bytes when uppercased
• UppercaseExpandingLengthInStringFieldsPlaybook: Strings that expand length when uppercased
• LowercaseExpandingBytesInStringFieldsPlaybook: Strings that expand bytes when lowercased
• LowercaseExpandingLengthInStringFieldsPlaybook: Strings that expand length when lowercased
• FullwidthBracketsFieldsPlaybook: Fullwidth ' < ' and ' > ' characters

Size and Structure Stress

• VeryLargeStringsInFieldsPlaybook: Very large strings
• VeryLargeUnicodeStringsInFieldsPlaybook: Very large Unicode strings
• VeryLargeIntegersInNumericFieldsPlaybook: Very large integers
• VeryLargeDecimalsInNumericFieldsPlaybook: Very large decimals
• OverflowArraySizeFieldsPlaybook: Overflow array sizes
• OverflowMapSizeFieldsPlaybook: Overflow map sizes
• ReplacePrimitivesWithObjectsFieldsPlaybook: Replace primitives with objects
• ReplacePrimitivesWithArraysFieldsPlaybook: Replace primitives with arrays
• ReplaceObjectsWithPrimitivesFieldsPlaybook: Replace objects with primitives
• ReplaceObjectsWithArraysFieldsPlaybook: Replace objects with arrays
• ReplaceArraysWithPrimitivesFieldsPlaybook: Replace arrays with primitives
• ReplaceArraysWithSimpleObjectsFieldsPlaybook: Replace arrays with simple objects
• AdditionalPropertiesMassAssignmentFieldsPlaybook: Unexpected extra properties in objects

Schema Semantics and Discriminators

• SwapDiscriminatorValuesFieldsPlaybook: Swap discriminator values
• TemporalLogicFieldsPlaybook: Semantically invalid temporal values

Defaults, Examples, Field Names

• ExamplesFieldsPlaybook: Contract-defined examples
• DefaultValuesInFieldsPlaybook: Use defaulted values
• InsertWhitespacesInFieldNamesFieldPlaybook: Insert random whitespaces in field names
• ZeroWidthCharsInNamesFieldsPlaybook: Zero-width characters in field names
• DuplicateKeysFieldsPlaybook: Duplicate JSON keys (RFC 8259 ambiguity)

Path and Reference Edge Cases

• InvalidReferencesFieldsPlaybook: Invalid path parameter/reference values

Add/Remove Fields

• RemoveFieldsPlaybook: Systematically remove fields
• NewFieldsPlaybook: Add unexpected field (dochiaFuzzyField)

How to Use Fields Playbooks

Running All Fields Playbooks

Use the built-in flag to run only Fields playbooks:

# Run only Fields Playbooks
dochia test -c api.yml -s https://api.example.com --fields-only

# Short form
dochia test -c api.yml -s https://api.example.com -F

For completeness, you can also target other categories:

# Only Body playbooks
dochia test -c api.yml -s https://api.example.com --body-only   # or -B

# Only Header playbooks
dochia test -c api.yml -s https://api.example.com --headers-only # or -A

Running Specific Fields Playbooks

# Validate constraints and formats
dochia test -c api.yml -s https://api.example.com \
  --playbooks IntegerFieldsLeftBoundaryPlaybook,StringFormatTotallyWrongValuesPlaybook,InvalidValuesInEnumsFieldsPlaybook

# Stress with very large values (use responsibly)
dochia test -c api.yml -s https://api.example.com \
  --playbooks VeryLargeStringsInFieldsPlaybook,VeryLargeIntegersInNumericFieldsPlaybook \
  --large-strings-size 60000

# Focus on shape mutations
dochia test -c api.yml -s https://api.example.com \
  --playbooks ReplaceObjectsWithArraysFieldsPlaybook,ReplacePrimitivesWithObjectsFieldsPlaybook,OverflowArraySizeFieldsPlaybook

Use Case: Input Validation Hardening

Before a production release, run a suite of fields playbooks to ensure strict validation and sanitization at the field level.

# A good suite for hardening against invalid and edge-case inputs
dochia test -c api.yml -s https://api.example.com \
  --playbooks IntegerFieldsLeftBoundaryPlaybook,MinLengthExactValuesInStringFieldsPlaybook,InvalidValuesInEnumsFieldsPlaybook,ZeroWidthCharsInValuesFieldsSanitizeValidatePlaybook

See Also

• Body Playbooks - Body structure, HTTP methods, and logic
• Headers Playbooks - Header manipulation and security
• Playbooks Overview - General introduction to playbook types

Detailed Guide to Fields Playbooks

Boundary and Constraints

IntegerFieldsLeftBoundaryPlaybook

• Description: Tests integer fields with out-of-range values on the left boundary (below minimum)
• Example: For a field with minimum 1, sends value 0

StringFieldsRightBoundaryPlaybook

• Description: Tests string fields with out-of-range values on the right boundary (above maximum length)
• Example: For a field with maxLength 10, sends an 11-character string

MinGreaterThanMaxFieldsPlaybook

• Description: Tests semantic validation by setting lower-bound fields greater than upper-bound fields
• Example: {"minAmount": 100, "maxAmount": 50}

Type and Format Validation

StringsInNumericFieldsPlaybook

• Description: Sends string values to numeric fields to test type validation
• Example: {"price": "not-a-number"}

InvalidValuesInEnumsFieldsPlaybook

• Description: Sends invalid values to enum fields
• Example: For enum ["red", "green", "blue"], sends "purple"

HomoglyphEnumFieldsPlaybook

• Description: Tests enum fields with visually similar but different characters
• Example: For enum value "admin", sends "аdmin" (with Cyrillic 'а')

Unicode and Special Characters

ZalgoTextInFieldsSanitizeValidatePlaybook

• Description: Tests fields with zalgo text (combining characters that create distorted appearance)
• Example: "H̸̡̪̯ͨ͊̽̅̾̎Ȩ̬̩̾͛ͪ̈́̀́͘ ̶̧̨̱̹̭̯ͧ̾ͬC̷̙̲̝͖ͭ̏ͥͮ͟Oͮ͏̮̪̝͍M̲̖͊̒ͪͩͬ̚̚͜Ȇ̴̟̟͙̞ͩ͌͝S̨̥̫͎̭ͯ̿̔̀ͅ"

BidirectionalOverrideFieldsPlaybook

• Description: Tests fields with bidirectional override characters that can manipulate text direction
• Example: "user‮admin‬name" (appears as "useradminname" but contains hidden characters)

Size and Structure Stress

VeryLargeStringsInFieldsPlaybook

• Description: Tests fields with very large string values (default 40,000 characters)
• Example: A string with 40,000 'A' characters

OverflowArraySizeFieldsPlaybook

• Description: Tests array fields with extremely large arrays to test memory limits
• Example: An array with thousands of elements

AdditionalPropertiesMassAssignmentFieldsPlaybook

• Description: Tests objects by adding unexpected extra properties to test mass assignment vulnerabilities
• Example: {"name": "John", "unexpectedField": "malicious"}