the htmx examples are done w/ a mock server based on sinon.js so everything is client-side. this means we can avoid deploying server-side functionality (which would cost money) and it also means that cross-site scripting attacks aren't an issue (you can only xss yourself.)

the examples are to show how htmx works, the "server-side" (such as it is) is just there to support the front end demo.