Cache tags with ampersand (or other html reserver characters) are replaced with theri html entities in request headers.
Create something that generate cache tags that includes at least one '&'.
For example I've a custom module that grab JSON data from a remote server, and this data is putted in cache with a cache id that contain the url that has generated the data.
Obviously I can replace '&' in my cache ids, but I think that when cache tags are used in http request headers, & and other reserver html character shouldn't be replace with html entities.
In src/Plugin/Purge/Purger/HttpPurgerBase.php at line 112, replace $this->token->replace( with $this->token->replacePlain.
Active
1.2
Code
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
IMHO none of the tokens should be escaped.
The problem occurs in \Drupal\purge_purger_http\Plugin\Purge\Purger\HttpPurgerBase::getOptions, this function should use \Drupal\Core\Utility\Token::replacePlain instead of \Drupal\Core\Utility\Token::replace.
I stumble on the same issue when trying to provide a new token (see related issue), in my patch I propose a "safe way" by switching to replacePlain only if $this->settings->body_content_type === 'application/json'.