NEXT_PUBLIC_MEDUSA_BACKEND_URL- Why would we expose our backend url to the client?

[sschweimler]

Is there a specific reason why the backend url in .env.template is exposed to the client by using NEXT_PUBLIC? I think it's a bad idea because it makes the backend visible for potential attackers. If we need to access backend data on the client side, then we should use route handlers or server actions.