Are you currently still seeing the CORS issue? I'm still investigating what might be causing this, but I am unable to replicate at the moment. I'm wondering if this is an external intermittent issue, or something on our end.
Regardless, I believe you're right, the ...-s3 endpoint generally seems to be considered more stable.