I was however disappointed to find in the built in captcha implementation that a link is displayed to refresh the image which requires js and does not degrade gracefully.
Would it be too much to ask to have this behavior changed in one of two ways.
Have the link/button added on the fly by jQuery using [tt]$("img#yw0).after()[/tt]. This way if a user does not have js he does not see the otherwise useless link/button.
This method requires the button type instead of the link. The button would submit the form with an additional variable set warning the model not to validate but to return the same form with a different captcha image. JS users would get the same functionality as now with jQuery intercepting the submit function.
The second solution is more complicated but strikes me as preferable from the user standpoint as it provides a high level of service across a wider user base. Off the top of my head the second method would require at the very least additional logic in the controller. Perhaps this could be handled by the CCaptchaAction class.