The simulator now displays an error message trying to access request.writeFields.
Before that writeFields in Firestore Security Rules did just not work in real requests.

The message states the following:

The simulator only simulates client SDK calls; request.writeFields is always null for these simulations

Does this mean that writeFields are only specified in HTTP requests?

The documentation only states this:

writeFields: List of fields being written in a write request.

A problem that arises from this

I am searching for something that replaces this property because it is "always null".
request.resource.data in update also contains fields that are not in the requests, but already in the document to my knowledge.

Example

// Existing document:

  document:
    - name: "Peter"
    - age: 52
    - profession: "Baker"

// Update call:

  document:
    - age: 53

// request.resource.data in allow update contains the following:

  document:
    - name: "Peter"
    - age: 53
    - profession: "Baker"

But I only want age.

EDIT Oct 4, 2018: writeFields is no longer supported by Firestore and its functionality will eventually be removed.

writeFields is still valid, as you can see from the linked documentation. What the error message in the simulator is telling you is that it's unable to simulate writeFields, as it only works with requests coming from client SDKs. The simulator itself seems to be incapable of simulating requests exactly as required in order for writeFields to be tested. So, if you write rules that use writeFields, you'll have to test them by using a client SDK to perform the read or write that would trigger the rule.