[FIXED JENKINS-17798] expose build badge via unprotected URL, but with new Permission
…h new Permission
Added the "unknown" image and honor the running image properly for running jobs.
Some browsers appear to cache 302 requests in violation of RFC (I'm looking at you, Chrome: http://code.google.com/p/chromium/issues/detail?id=103458) I also saw this behavior with Firefox, even though I couldn't locate any bug report. Sine Chrome alone is a big enough browser share, in this change I modified the code to avoid 302 redirects and instead to service the request with 200. To avoid excessive data transfer, ETag is used to detect that the browser has the image in cache.