I have hosted a static HTML page using GitHub Pages with a Contact Us form.
I found a solution so I can send the form to my email with https://formspree.io/ but i am not sure if this prevent an attacker to do XSS attack.
Maybe if i add HTML <input>
pattern Attribute to my page prevent the attack?
Is there any way to prevent XSS attack without any server-side script?
I dont know how GitHub Pages handle xss attack and what are the vulnerabilities of html static forms.