Add check to ensure that RenderControllers and SurfaceControllers are always routed through the UmbracoRouteValueTransforms (#16540)

src/Umbraco.Web.Website/Routing/EagerMatcherPolicy.cs

@@ -1,4 +1,5 @@
-using Microsoft.AspNetCore.Http;
+using System.Reflection;
+using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc.Controllers;
 using Microsoft.AspNetCore.Routing;
 using Microsoft.AspNetCore.Routing.Matching;
@@ -8,8 +9,8 @@ using Umbraco.Cms.Core.Configuration.Models;
 using Umbraco.Cms.Core.Routing;
 using Umbraco.Cms.Core.Services;
 using Umbraco.Cms.Web.Common.Controllers;
+using Umbraco.Cms.Web.Website.Controllers;
 using Umbraco.Extensions;
-using HttpRequestExtensions = Umbraco.Extensions.HttpRequestExtensions;
 
 namespace Umbraco.Cms.Web.Website.Routing;
 
@@ -104,6 +105,18 @@ internal class EagerMatcherPolicy : MatcherPolicy, IEndpointSelectorPolicy
                 continue;
             }
 
+            // We have to ensure that none of the candidates is a render controller or surface controller
+            // Normally these shouldn't be statically routed, however some people do it.
+            // So we should probably be friendly and check for it.
+            // Do not add this to V14.
+            ControllerActionDescriptor? controllerDescriptor = routeEndpoint.Metadata.GetMetadata<ControllerActionDescriptor>();
+            TypeInfo? controllerTypeInfo = controllerDescriptor?.ControllerTypeInfo;
+            if (controllerTypeInfo is not null &&
+                (controllerTypeInfo.IsType<RenderController>() || controllerTypeInfo.IsType<SurfaceController>()))
+            {
+                return;
+            }
+
             if (routeEndpoint.Order < lowestOrder)
             {
                 // We have to ensure that the route is valid for the current request method.