Do I need to explicitly sanitize all inputs, or does Angular already do it for me?
I have a login form - when submitted it sends it's data to the server. Does the data require explicit sanitization, or Angular automatically sanitize all input fields?
I appreciate your questions, it may be useful to others. Under no circumstances should the backed ever trust the front end, no framework, no custom library, nothing. If someone can exploit, inject, or otherwise harass your backed, they will, period. They will do so bypassing any front end framework or library and make direct requests to the endpoint, masquerading as anything necessary to do so.
And as @etarhan said, read this: https://angular.io/guide/security