You could enforce a certain level of compliance by disabling commit
while
processing any request whose method is get.  I imagine that would
break a few
things in existing applications, though.

With a link_to link, won't the user be tricked into thinking,
  "I't is safe to click on this link, since I know that links do not
modify anything on a
well-behaved server"?