pub fn bidi_inject(reversed_keyword: &str) -> StringExpand description
Bidi override wrapper — wraps reversed_keyword between U+202E
(RIGHT-TO-LEFT OVERRIDE) and U+202C (POP DIRECTIONAL FORMATTING).
The WAF scans left-to-right byte order: it sees tceleS. Rendered
text in a BiDi-aware viewer (e.g. browser, IDE, security analyst’s
dashboard) shows Select. CVE-2021-42574 (Trojan Source) class.
Narrow direct bypass surface — most SQL parsers reject bare U+202E. Useful primarily for WAF log poisoning and rule-auditing tool confusion; some template engines do strip bidi chars before forwarding, in which case the reversed payload becomes live.