Client-side redirect by target + Server-side redirect by attacker (calc) via iframe for repeated prompts

Repeated prompts work automatically.