Flush persisted data in case of request from vulnerable browser

[bartekn]

Recently Android Browser Same Origin Policy Bypass < 4.4 - CVE-2014-6041 was revealed. In short, it allows attacker to access any domain's content, cookies and other properties. stellar-client is redirecting Android Browser < 4.4 users to unsupported.html file because it's not supported. However, in case a similar bug will be found in the future in a browser that is currently supported there may be localWalletKey cookie saved in a user's browser. In such situations, we should also flush all persisted data.

[nullstyle]

I would say we probably add the notion of a blacklisted browser, which is a separate distinction from merely unsupported. If our our index page finds that you're on a blacklisted browser, then we go through the process of purposefully clearing client side data.

We could add a function alongside isSupportedBrowser called isBlackListedBrowser that triggers the whole thing