Limit Link header based SW installations for fetches made by SW.

content/browser/service_worker/link_header_support.cc

Index: content/browser/service_worker/link_header_support.cc
diff --git a/content/browser/service_worker/link_header_support.cc b/content/browser/service_worker/link_header_support.cc
index 0cb2f29d8a3ded4bf92279cd0a4a75ced503447d..b2364d8518e914b7bef72b45ac46fba6e154a532 100644
--- a/content/browser/service_worker/link_header_support.cc
+++ b/content/browser/service_worker/link_header_support.cc
@@ -65,11 +65,20 @@ void HandleServiceWorkerLink(
   if (!service_worker_context)
     return;
 
+  ServiceWorkerProviderHost* provider_host =
+      ServiceWorkerRequestHandler::GetProviderHost(request);
+
+  // If fetched from a service worker, make sure fetching service worker is
+  // controlling at least one client to prevent a service worker from spawning
+  // new service workers in the background.
+  if (provider_host && provider_host->IsHostToRunningServiceWorker()) {
+    if (!provider_host->running_hosted_version()->HasControllee())
+      return;
+  }
+
   if (ServiceWorkerUtils::IsMainResourceType(request_info->GetResourceType())) {
     // In case of navigations, make sure the navigation will actually result in
     // a secure context.
-    ServiceWorkerProviderHost* provider_host =
-        ServiceWorkerRequestHandler::GetProviderHost(request);
     if (!provider_host || !provider_host->IsContextSecureForServiceWorker())
       return;
   } else {