Tag hashes should be unique to a site

Created on 31 July 2025, 24 days ago

Problem/Motivation

The Cloudflare purge by tag feature operates on an entire zone, not a specific domain within the zone. This proves troublesome for users that are running multiple domains in that cache invalidation can happen too liberally.

This has the potential to be very troublesome for users with dozens or hundreds of domains in one zone.

Steps to reproduce

I have not manually tested this as I do not have the authority to perform this kind of zone modification. Steps to reproduce are theoretical.

  1. Set up a Cloudflare zone: example.com
  2. Set up two websites in said zone: a.example.com and b.example.com
  3. Ensure that a page is cached on both domains that has the node_list cache tag (for example)
  4. Update a node on a.example.com
  5. Verify that the page on a.example.com was invalidated -- great! This is expected!
  6. Also see that the page on b.example.com was also invalidated! -- ouch!

This happens because the node_list cache tag is effectively colliding between the two domains.

Proposed resolution

Incorporate the site UUID or some other unique identifier into the hash calculation to ensure that cache tags are unique to the domain they're generated on.

Remaining tasks

User interface changes

None

API changes

None

Data model changes

πŸ› Bug report
Status

Active

Version

2.0

Component

Code

Created by

🇺🇸 United States luke.leber Pennsylvania


Comments & Activities

  • Issue created by @luke.leber
  • 🇺🇸 United States bkosborne New Jersey, USA

    Just a note that if/when we implement this, we'll need a release note to indicate that the entire Cloudflare cache should be purged, because all the cache tags will have changed.

  • 🇺🇸 United States bkosborne New Jersey, USA

    This is closely related to ✨ Add optional Environment setting Needs review . In fact, the solution here should be bundled with that change IMO.

  • 🇺🇸 United States bkosborne New Jersey, USA

    A site's UUID wouldn't be ideal here because we also need to ensure the hash tags are unique per a site's environments. E.g., if the site is synced from prod to a test environment, it will have the same UUID but shouldn't share the same cache tag "namespace" with production.

    Using hostname is a safer choice, but still not perfect. I imagine people are using Drush for Purge invalidations, likely via cron. Some people may not be setting the hostname when invoking Drush, so it will end up being "default" or something, so the tags wouldn't be invalidated correctly.

    Not sure what other option there is though. Perhaps make the cache tag prefix configurable and let the site owner decide?

  • 🇺🇸 United States luke.leber Pennsylvania

    UUID+hostname seems agreeable to me. Should be easy enough to improve upon iteratively if needed.

    There's no issue with using multiple inputs for a more unique hash if it catches the 80%.

    I think that cache collisions here might actually warrant a meta issue because there's just so much complexity involved. If Drupal didn't have the potential for such large headers this would be a lot easier to solve holistically.
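
A model of the collision and of the namespacing discussed in this thread, as an added example that is not part of the issue or the module's code (it is written in Python as a stand-alone simulation). The hash scheme, the 8-character truncation, the `Zone` class and the UUID values are assumptions made for illustration; the `cli_default` scenario reproduces the Drush hostname concern raised in the comments.

```python
import hashlib

def tag_hash(tag, namespace=""):
    # Hypothetical scheme, not the module's: hash "<namespace>\x00<tag>" and
    # truncate to keep the header short. Empty namespace = bare tag hash.
    return hashlib.sha256(f"{namespace}\x00{tag}".encode()).hexdigest()[:8]

def site_namespace(site_uuid, hostname):
    # UUID+hostname, the combination suggested in the thread.
    return f"{site_uuid}:{hostname}"

class Zone:
    """Constructed model of one zone: purge-by-tag matches on the tag alone,
    whatever hostname the cached URL belongs to."""

    def __init__(self):
        self.cached = {}  # URL -> set of hashed tags sent with the response

    def store(self, url, tags, namespace=""):
        self.cached[url] = {tag_hash(t, namespace) for t in tags}

    def purge_tag(self, tag, namespace=""):
        h = tag_hash(tag, namespace)
        purged = sorted(u for u, hashes in self.cached.items() if h in hashes)
        for u in purged:
            del self.cached[u]
        return purged

def run_scenarios():
    # Constructed sample data: two sites in one zone, each caching a node_list page.
    sites = {"a.example.com": "uuid-a-constructed", "b.example.com": "uuid-b-constructed"}
    uuid_a = sites["a.example.com"]
    results = {}

    bare = Zone()
    for host in sites:
        bare.store(f"{host}/news", ["node_list"])
    # Node updated on site A with bare hashes: the purge reaches both sites.
    results["bare"] = bare.purge_tag("node_list")

    scoped = Zone()
    for host, uuid in sites.items():
        scoped.store(f"{host}/news", ["node_list"], site_namespace(uuid, host))
    # Purge sent from Drush/cron with no hostname set ("default"): matches nothing,
    # so site A's page stays cached and stale.
    results["cli_default"] = scoped.purge_tag("node_list", site_namespace(uuid_a, "default"))
    # Purge sent with the correct hostname: only site A's page is evicted.
    results["scoped"] = scoped.purge_tag("node_list", site_namespace(uuid_a, "a.example.com"))
    return results

if __name__ == "__main__":
    print(run_scenarios())
```
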
