In July 2019, Facebook release RapiD a fork of the iD editor which uses Facebook hosted images and machine learning results. I initially had HTTP CORS errors. Blocking/Limiting Facebook web access is an important part of modern internet security, I was reluctant to whitelist it. Instead I've forked it to create 'RapiDly Private', which proxies access to Facebook data through this web server.
This is in the early days, and there is still a lot of references to RapiD and stuff. Please stand by!
The Apache configuration directives to proxy are like this:
SSLProxyEngine on ProxyVia Block <Location "/openstreetmap/rapidlyprivate/fb/"> Header set Access-Control-Allow-Origin "*" Header unset X-FB-Debug ProxyAddHeaders Off RequestHeader set DNT 1 RequestHeader set X-Clacks-Overhead "GNU Terry Pratchett" RequestHeader unset Accept RequestHeader unset Accept-Encoding RequestHeader unset Accept-Language RequestHeader unset User-Agent ProxyPass "https://www.facebook.com/maps/" </Location>