MrSwitch · ashfaq3112 · Nov 24, 2025 · Nov 29, 2025
diff --git a/dist/hello.all.js b/dist/hello.all.js
diff --git a/dist/hello.all.min.js b/dist/hello.all.min.js
diff --git a/dist/hello.js b/dist/hello.js
@@ -1,4 +1,4 @@
-/*! hellojs v1.20.0 - (c) 2012-2023 Andrew Dodson - MIT https://adodson.com/hello.js/LICENSE */
+/*! hellojs v1.20.0 - (c) 2012-2025 Andrew Dodson - MIT https://adodson.com/hello.js/LICENSE */
 // ES5 Object.create
 if (!Object.create) {
 

diff --git a/dist/hello.min.js b/dist/hello.min.js
diff --git a/docs/instagram.md b/docs/instagram.md
@@ -0,0 +1,8 @@
+Instagram OAuth Deprecation Notice
+
+Instagram has fully deprecated its standalone OAuth API.
+The old endpoints (https://instagram.com/oauth/authorize/) no longer work and always return a cancellation error or 405 on logout.
+
+This provider is deprecated unless rewritten to use Facebook Graph API with server-side login.
+
+Logout has been updated to use POST + CSRF token when possible, but the Instagram API still blocks cross-site logout.
diff --git a/package-lock.json b/package-lock.json
diff --git a/redirect.html b/redirect.html
@@ -7,7 +7,6 @@
 
 This page is used for authentication as well as POST using the Iframe+form+hash communication hack.
 
-
 -->
 <html>
 <head>

diff --git a/src/modules/google.js b/src/modules/google.js
@@ -14,6 +14,8 @@
 				auth: 'https://accounts.google.com/o/oauth2/v2/auth',
 				grant: 'https://www.googleapis.com/oauth2/v4/token'
 			},
+			redirect_uri: window.location.origin + '/redirect.html',
+
 
 			// Authorization scopes
 			scope: {
@@ -30,6 +32,7 @@
 				create_event: '',
 				offline_access: ''
 			},
+
 
 			scope_delim: ' ',
 
@@ -49,6 +52,7 @@
 				if (p.options.force) {
 					p.qs.prompt = 'consent';
 				}
+
 			},
 
 			// API base URI
@@ -212,6 +216,19 @@
 
 		return o;
 	}
+			function generateCodeVerifier() {
+			const array = new Uint8Array(32);
+			window.crypto.getRandomValues(array);
+			return btoa(String.fromCharCode.apply(null, array))
+				.replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
+		}
+
+		async function generateCodeChallenge(verifier) {
+			const data = new TextEncoder().encode(verifier);
+			const digest = await crypto.subtle.digest("SHA-256", data);
+			return btoa(String.fromCharCode.apply(null, new Uint8Array(digest)))
+				.replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
+		}
 
 	function formatImage(image) {
 		return {
-Original file line number
+Diff line change
@@ Expand Up / @@ -7,7 +7,6 @@ @@
     This page is used for authentication as well as POST using the Iframe+form+hash communication hack.
     -->
     <html>
     <head>
@@ Expand Down @@