Tighten the scope of trusted Intents before trusting them.

chrome/android/java/src/org/chromium/chrome/browser/IntentHandler.java

Index: chrome/android/java/src/org/chromium/chrome/browser/IntentHandler.java
diff --git a/chrome/android/java/src/org/chromium/chrome/browser/IntentHandler.java b/chrome/android/java/src/org/chromium/chrome/browser/IntentHandler.java
index db629e07202840b2abfe6a1fc7f79fff68fd8092..e0d73c9dd67f3675cea83a2f3e003809accf236f 100644
--- a/chrome/android/java/src/org/chromium/chrome/browser/IntentHandler.java
+++ b/chrome/android/java/src/org/chromium/chrome/browser/IntentHandler.java
@@ -589,14 +589,14 @@ public class IntentHandler {
      */
     public static void addTrustedIntentExtras(Intent intent) {
         if (ExternalNavigationDelegateImpl.willChromeHandleIntent(intent, true)) {
-            // The PendingIntent functions as an authentication token --- it could only have come
-            // from us. Stash it in the real Intent as an extra. shouldIgnoreIntent will retrieve it
-            // and check it with isIntentChromeInternal.
-            intent.putExtra(TRUSTED_APPLICATION_CODE_EXTRA, getAuthenticationToken());
             // It is crucial that we never leak the authentication token to other packages, because
             // then the other package could be used to impersonate us/do things as us. Therefore,
             // scope the real Intent to our package.
             intent.setPackage(ContextUtils.getApplicationContext().getPackageName());
+            // The PendingIntent functions as an authentication token --- it could only have come
+            // from us. Stash it in the real Intent as an extra. shouldIgnoreIntent will retrieve it
+            // and check it with isIntentChromeInternal.
+            intent.putExtra(TRUSTED_APPLICATION_CODE_EXTRA, getAuthenticationToken());
         }
     }