I have both client and server side validation in place. Formik & Yup validation schema stop users from submitting values with incorrect format.
Should I still consider rendering server-side errors in my web app in case user somehow manages to bypass client side validation? So, can Formik/Yup validation schema be bypassed on the client side? It seems like there are no native html attributes on inputs, like disabled, that user can simply delete from the DOM.