This is actually valid. Without third party to ensure the neutrality of the resource, this would be a unregulated cookie.
A better trap would be if the browser downloads the resource on the second request as well and compares the hashes. If they differ, the resource is considered uncachable.
A better trap would be if the browser downloads the resource on the second request as well and compares the hashes. If they differ, the resource is considered uncachable.