The problem is that Avatar images are served under your user ID, so the URL never changes. Also the http header allows for an enormously long caching time (Cache-Control: max-age=31536000). i see ETag is being used, but unless i am confused, that only applies once the max-age has expired?
A simple fix may be to serve the images by the pre-computed md5 hash of the actual image file, instead of the userid. it would mean an extra piece of data needs to be looked up for each user when loading a page.
Am i oversimplifying this?
Refreshing is annoying, especially on my android phone, where it seems i have to actually go into the site ‘storage’ settings to deleted cached data.