Pass null WebString for empty WebSecurityOrigin::suborigin()

This removes a bunch of calls which end up with a WebString pointing to
the global empty string, which was showing up in profiles.

BUG=348655

Review-Url: https://codereview.chromium.org/2555983003
Cr-Commit-Position: refs/heads/master@{#438070}

third_party/WebKit/Source/platform/exported/WebSecurityOrigin.cpp

@@ -95,7 +95,8 @@ unsigned short WebSecurityOrigin::effectivePort() const {
 
 WebString WebSecurityOrigin::suborigin() const {
   DCHECK(m_private);
-  return m_private->hasSuborigin() ? m_private->suborigin()->name() : "";
+  return m_private->hasSuborigin() ? WebString(m_private->suborigin()->name())
+                                   : WebString();
 }
 
 bool WebSecurityOrigin::isUnique() const {