Remember, the server serves everything. The only reason there is an html page to view is because the client requested the page from the server. So, you (the server) have complete control over what is served, and what is not.
Now, there are some silly cases where that is not the case. As someone not willing to invest in a custom domain, but still wanting fullstack apps associated with my GitHub account, I have my client-side served by GitHub Pages, and my backend hosted on Heroku. So, my backend acts as a pure REST API with nothing but “data management”.
This is not a recommended way to serve a webpage, though. So, other than for the sake of being free I would avoid this.
Remember, we are not actually talking about SSR, here.