Fix /api/v1/tags/:id route constraints (#18854)

The constraint was applied prior to decoding, and rejected anything containing the '%' character, which would be used for anything with non-ASCII unicode characters.
author: Claire <claire.github-309c@sitedethib.com> 2022-07-20 17:06:52 +0200
committer: GitHub <noreply@github.com> 2022-07-20 17:06:52 +0200
commit: 726931fe4a8202c64fd1a72a6043f80fe075fda7 (patch)
tree: 4feca23012d195c70a287fde9b852500dbaef2aa
parent: f8b3e3692932ddfd69bc0a631256ac78411e818a (diff)
2 files changed, 2 insertions, 1 deletions
diff --git a/app/controllers/api/v1/tags_controller.rb b/app/controllers/api/v1/tags_controller.rb
index d45015ff5..9e5c53330 100644
--- a/app/controllers/api/v1/tags_controller.rb
+++ b/app/controllers/api/v1/tags_controller.rb
@@ -24,6 +24,7 @@ class Api::V1::TagsController < Api::BaseController
   private
 
   def set_or_create_tag
+    return not_found unless /\A(#{Tag::HASHTAG_NAME_RE})\z/.match?(params[:id])
     @tag = Tag.find_normalized(params[:id]) || Tag.new(name: Tag.normalize(params[:id]), display_name: params[:id])
   end
 end
diff --git a/config/routes.rb b/config/routes.rb
index 7a902b1f0..7dc9f391d 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -530,7 +530,7 @@ Rails.application.routes.draw do
         resource :note, only: :create, controller: 'accounts/notes'
       end
 
-      resources :tags, only: [:show], constraints: { id: /#{Tag::HASHTAG_NAME_RE}/ } do
+      resources :tags, only: [:show] do
         member do
           post :follow
           post :unfollow
author	Claire <claire.github-309c@sitedethib.com>	2022-07-20 17:06:52 +0200
committer	GitHub <noreply@github.com>	2022-07-20 17:06:52 +0200
commit	726931fe4a8202c64fd1a72a6043f80fe075fda7 (patch)
tree	4feca23012d195c70a287fde9b852500dbaef2aa
parent	f8b3e3692932ddfd69bc0a631256ac78411e818a (diff)