The security context appId is set by the launching container (i.e flatpak) and is therefore more trustworthy than any other source of application ID.
Use this when looking up allowed wayland extensions.
wayland: Drop isTrustedOrigin check
The rationale behind the check was sandboxed apps could have a different mount namespace to kwin, therefore lying about the executable path was doable.
Moving forward anything sandboxed will have a security context app Id. Anything not sandboxed can circumvent these checks anyway.
This significantly improves application launch time.