Apart from the fact that web browsers are notorious for over eagerly caching images no matter what http headers are specified, you have no control over external http proxies and their versions of your images.
So never allow someone to update an image, only allow delete and create actions, using a fresh new url each time.
Apart from the fact that web browsers are notorious for over eagerly caching images no matter what http headers are specified, you have no control over external http proxies and their versions of your images.
So never allow someone to update an image, only allow delete and create actions, using a fresh new url each time.