It forces you to keep all the logic away from client code.
If someone implements part of the business logic with a javascript in the browser ... that is not secure and might not end well in some cases.
My opinion is that the browser code should be used only for usability requirements. And those use cases need also test, so +1 for cypress for helping on that.
Nevertheless the middleware / APIs should be tested directly, also for preventing those invalid input cases that the interface might never send, but that might break everything.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I do also like to test the middle-ware directly.
It forces you to keep all the logic away from client code.
If someone implements part of the business logic with a javascript in the browser ... that is not secure and might not end well in some cases.
My opinion is that the browser code should be used only for usability requirements. And those use cases need also test, so +1 for cypress for helping on that.
Nevertheless the middleware / APIs should be tested directly, also for preventing those invalid input cases that the interface might never send, but that might break everything.