Sure they can have side-effect, the quote you include says as much.
What it says is that "the side-effects of N > 0 identical requests is the same as for a single
In other words, for a GET-request it should make no difference if you visit the link 1 time,
or 200 times, the side-effects should be identical. There is allowed to be a difference
between visiting the link 1+ times, and visiting 0 times.
That's NOT the same as saying there should be no side-effects.
An example: Voting for a story on Digg. If you vote yes for a certain story once, or 100
times, the result is the same: your vote is registered as a yes.
Another example: Adding a certain book to your amazon wishlist. Whether you do the relevant
GET-request once or 10 times, the side-effect is the same: that book will appear on your
wishlist. (once, not 10 times!)
So no, respecting the difference between GET and POST will do precisely nothing at all to
combat this particular vulnerability, though it would have -other- advantages.