Weekly Technical Report for February 2, 2023

The period from the end of January to the beginning of February falls within the Chinese New Year. During this period, the person responsible for safeguarding operations over the Spring Festival needs to be on call to deal with online issues. I was in a constant state of worry, and the good thing is that no online problems came looking for me. Keeping everything as still as possible throughout the Chinese New Year is best.

This week I’m evaluating the impact of a major requirement. I believe that for a new business requirement, especially one applied to a complex business system, there are multiple impacts that need to be considered. If, at this point in time, you are not particularly familiar with the system and have little experience with it, it is best to make minimal changes. It’s not about being conservative, it’s about keeping the impact as small as you can imagine, because you don’t know where some counterintuitive mechanism is running important business logic. I didn’t come to this conclusion out of my imagination; this post was written six months later, and by the time I wrote it, I’d already encountered this at least twice. At the time, I made a drastic tweak to a service, and when the tweak was done, everything was fine. After the release, it also seemed normal. It wasn’t until a number of weeks later that I stumbled upon a mechanism that tied upstream and downstream together, and I had nearly affected it. When you take over a business system, there is a high probability that it has been handed over many times and passed through many hands, hiding a lot of history that you do not know, so if the framework and core logic can be left untouched, leave them untouched.

Then, this week I completely solved the problem of a security encryption service whose encryption interface was not compatible with Chinese. The main problem is that it puts the original text directly into the Redis key. When there is Chinese in the original text, you will find that although the key is stored, it cannot be found. My solution is that, when storing, the content of the key should not directly contain any original business text; take the hash first. This avoids some encoding and compatibility problems, and it can also greatly improve security.
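The following sketch illustrates the fix described above. It is an added example, not the service's own code. It assumes the lookup failures came from the writer and reader encoding the key text differently (UTF-8 versus GBK), and it uses HMAC-SHA256, a keyed hash, rather than a bare hash so that someone who can list Redis keys cannot recompute the key for a guessed plaintext; the prefix, secret, sample text and `FakeRedis` stand-in are all constructed for illustration.

```python
import hashlib
import hmac
import unicodedata

# Assumption: the secret lives in the service's own config, never in Redis.
KEY_DERIVATION_SECRET = b"constructed-demo-secret-not-for-production"
KEY_PREFIX = "enc:cache:"  # hypothetical key namespace


def derive_cache_key(plaintext: str, secret: bytes = KEY_DERIVATION_SECRET) -> str:
    """Return an ASCII-only, fixed-length Redis key for `plaintext`."""
    # Canonicalize first so every caller hashes identical bytes.
    canonical = unicodedata.normalize("NFC", plaintext).encode("utf-8")
    digest = hmac.new(secret, canonical, hashlib.sha256).hexdigest()
    return KEY_PREFIX + digest


class FakeRedis:
    """In-memory stand-in that, like Redis, compares keys as raw bytes."""

    def __init__(self):
        self._data = {}

    def set(self, key: bytes, value: bytes) -> None:
        self._data[key] = value

    def get(self, key: bytes):
        return self._data.get(key)


def demo():
    store = FakeRedis()
    text = "张三的订单备注"  # constructed sample of business text

    # Before: the business text itself is the key. The writer sends UTF-8,
    # the reader sends GBK, so the bytes differ and the lookup misses.
    store.set(text.encode("utf-8"), b"ciphertext-1")
    raw_miss = store.get(text.encode("gbk")) is None

    # After: the key is hex ASCII, which is byte-identical in both encodings,
    # and it no longer exposes the business text to anyone listing keys.
    key = derive_cache_key(text)
    store.set(key.encode("utf-8"), b"ciphertext-1")
    derived_hit = store.get(key.encode("gbk")) == b"ciphertext-1"
    return raw_miss, derived_hit, key


if __name__ == "__main__":
    print(demo())
```
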