Hey now, they aren’t Nazis. Nazis at least believe in something, even if it’s something terrible.

I’d bet it’s less simple input sanitizing and more 2 mistakes made separately because they don’t know any better.

1. The input field converting everything to a string indiscriminately
2. Because they did 1, converting everything back to the assumed type

If the front end Dev makes the first mistake, null would be sent in the body as “null”. Then on the backend, somebody might even be binding the variables correctly, but before hand realizing they have to deal with the market and rather than just have a conversation undoes it in their own code.