Yeah, but it’s still a good idea to have some protections on the front end in case the back end dev is an idiot. Of course thats easily bypassed but you’ve done what little you can.

Yes, the backend web dev can sanitise their inputs.