remove "onionbrowser:forcequit" and replace with explicit how-to-forc…

…equit instructions. prevents attacks such as including "onionbrowser:forcequit" URL in an img tag. (OB-01-013)

OnionBrowser/ProxyURLProtocol.m

@@ -110,14 +110,6 @@ - (void)startLoading {
         } else if ([[[[self request] URL] absoluteString] rangeOfString:@"help"].location != NSNotFound) {
             /* onionbrowser:help */
             url = [NSURL URLWithString: [NSString stringWithFormat:@"file:/%@/help.html",resourcePath]];
-        } else if ([[[[self request] URL] absoluteString] rangeOfString:@"forcequit"].location != NSNotFound) {
-            /* onionbrowser:forcequit */
-            UIAlertView *alert = [[UIAlertView alloc] initWithTitle:@"Force-quitting"
-                                                            message:@"Onion Browser will now close. Restarting the app will try a fresh Tor connection."
-                                                           delegate:self
-                                                  cancelButtonTitle:@"Quit app"
-                                                  otherButtonTitles:nil];
-            [alert show];
         } else {
             /* onionbrowser:home */
             url = [NSURL URLWithString: [NSString stringWithFormat:@"file:/%@/startup.html",resourcePath]];
@@ -137,15 +129,6 @@ -(void)stopLoading {
 }
 
 
-- (void) alertView:(UIAlertView *)actionSheet clickedButtonAtIndex:(NSInteger)buttonIndex {
-    if ([actionSheet.title isEqualToString:@"Force-quitting"]) {
-        AppDelegate *appDelegate = [[UIApplication sharedApplication] delegate];
-        [appDelegate wipeAppData];
-        exit(0);
-    }
-}
-
-
 #pragma mark -
 #pragma mark NSURLConnectionDelegate
 

OnionBrowser/help.html

@@ -434,13 +434,14 @@ <h2>Help &amp; Support</h2>
           <h3>The browser is stuck: links don't work &amp; typing in an address doesn't do anything.</h3>
           <p>Try <a href="http://support.apple.com/kb/ht5137">force-quitting the app</a> and opening it again.</p>
             <ul>
-              <li><a href="onionbrowser:forcequit">Click here to try to force-quit</a>.</li>
+                <li>On iOS 6: Tap the "home" button on your device to return to the home screen. From here, double-tap the "home button" to open a row of currently running apps. In this list, press and hold the Onion Browser icon until it begins to shake and an "X" appears on it. Press the "X"; Onion Browser should be removed from the list, meaning that it has now been quit. Press the "home" button to exit this row of apps.</li>
+                <li>On iOS 7+ Double-tap the "home button" on your device to open a screen showing app thumbnails; you can <i>swipe left and right</i> to see different apps in this screen. Find Onion Browser in this list and <i>swipe up</i> to remove it from the list. Once Onion Browser is removed from the list, the app has been exited successfully. Press the "home" button to exit this app menu. <a href="http://support.apple.com/kb/ht5137">Visit this page</a> for more assistance.</li>
             </ul>
           <p>(The way Tor is is implemented in this app can conflict with the way iOS handles "sleeping" apps. This problem sometimes happens when the phone goes to sleep or if you go to another app and then come back.)</p>
           <h3>The app is stuck on &ldquo;Connecting&hellip;&rdquo;</h3>
           <p>Try <a href="http://support.apple.com/kb/ht5137">force-quitting the app</a> and opening it again.</p>
             <ul>
-              <li><a href="onionbrowser:forcequit">Click here to try to force-quit</a>.</li>
+              <li>See instructions in the above answer.</li>
             </ul>
           <p>(Your network provider may be blocking connections to Tor. If you are an advanced Tor user and would like to try using "bridge" nodes to access Tor: {# visit <code><a href="http://tigas3l7uusztiqu.onion/onionbrowser/help/">onionbrowser.com/help</a></code> and view the "<b>Using Bridges</b>" section#} see the "<b>Using Bridges</b>" section below.)</p>