[Issue] Avoid direct access to reviews list Ajax

[m2-assistant]

This issue is automatically created based on existing pull request: #33876: Avoid direct access to reviews list Ajax

---

Description (*)

Do not know wether it is intentional,
But you can access directly to the reviews list Ajax controller however all others controllers for Ajax URL has a conditional test in code.

Fixed Issues (if relevant)

Why not restrain this page to Ajax only

Manual testing scenarios

You can give it a try :
/review/product/listAjax/id/9999
=> Display the raw output in the browser.

(9999 = product if from store)

Questions or comments

Give me your think,

Ilan Parmentier

Contribution checklist (*)

• Pull request has a meaningful description of its purpose
• All commits are accompanied by meaningful commit messages
• All new or changed code is covered with unit/integration tests (if applicable)
• README.md files for modified modules are updated and included in the pull request if any README.md predefined sections require an update
• All automated tests passed successfully (all builds are green)

[github-jira-sync-bot]

✅ Jira issue https://jira.corp.adobe.com/browse/AC-9381 is successfully created for this GitHub issue.

[m2-assistant]

✅ Confirmed by @engcom-Lima. Thank you for verifying the issue.
Issue Available: @engcom-Lima, You will be automatically unassigned. Contributors/Maintainers can claim this issue to continue. To reclaim and continue work, reassign the ticket to yourself.