Wasn't Privacy Pass supposed to fix this? Let the browser generate and store some PoW or something that it hands off to the site, so each site doesn't have to do the same thing.

https://github.com/cloudflare/pp-browser-extension seems kind of dead (a dependabot zombie).

eta: I completely missed this two days ago: https://www.cloudflare.com/press/press-releases/2026/cloudfl...

I have the same experience, and I ended up removing Cloudflare from the websites I manage since there were too many complaints from users with shared connections or exotic browsers.

Not sure if you're talking about different sites or same one. If different sites, it doesn't make much sense to add that feature because site owners would rarely (if ever) want it. If same site, blame again the site owner who has the ability to configure challenge cookie expiry.