Make it easy to open the Unsafe Browser only from Tor Connection (when a captive portal is detected)

Steps
- Have a LAN Browser that can only access RFC 1918 IP ranges
- Remove the graphical launcher for the Unsafe Browser (I suppose we can do this once we've done #1) ⇒ the only ways to start it are Tor Connection (legit) or sudo unsafe-browser in a Terminal (that's OK, power users will always find ways to shoot themselves in the foot)
- Design how we display troubleshooting options when Tor fails to bootstrap after we've detected a captive portal (ideally we would not even try to bootstrap, but that's a bigger topic, better suited for #5785 (closed))
- Hide donation banners in Unsafe Browser using .hide-in-unsafe-browser in Ikiwiki templates (@sajolida knows what this is about)
Blocked by
- Open the Unsafe Browser from Tor Connection (#18339 - closed) (fixed by !838 (merged))
- Detect captive portals (#5785 - closed) (we already detect captive portals actually, so the real blocker is making the "we've detected a captive portal" info available to the relevant code in Tor Connection, so it can adjust the troubleshooting screen accordingly)

Edited Oct 26, 2022 by sajolida

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information