And that’s why you make sure you have sanitization checks on the backed too. From end should just provide your users with quicker feedback and save on network traffic. The backend should prevent anything from actually being executed that shouldn’t. That way it doesn’t matter how it gets submitted. Same if you were have a UI and API. The API may get inputs outside of a UI so you should have your checks there.