@helia/verified-fetch 3.2.3 → 4.0.1

package/src/utils/select-output-type.ts

@@ -3,7 +3,7 @@ import { code as dagJsonCode } from '@ipld/dag-json'
 import { code as dagPbCode } from '@ipld/dag-pb'
 import { code as jsonCode } from 'multiformats/codecs/json'
 import { code as rawCode } from 'multiformats/codecs/raw'
-import type { RequestFormatShorthand } from '../types.js'
+import type { RequestFormatShorthand } from '../index.js'
 import type { CID } from 'multiformats/cid'
 
 /**
@@ -62,10 +62,15 @@ const CID_TYPE_MAP: Record<number, string[]> = {
   ]
 }
 
+export interface AcceptHeader {
+  mimeType: string
+  options: Record<string, string>
+}
+
 /**
  * Selects an output mime-type based on the CID and a passed `Accept` header
  */
-export function selectOutputType (cid: CID, accept?: string): string | undefined {
+export function selectOutputType (cid: CID, accept?: string): AcceptHeader | undefined {
   const cidMimeTypes = CID_TYPE_MAP[cid.code]
 
   if (accept != null) {
@@ -73,80 +78,69 @@ export function selectOutputType (cid: CID, accept?: string): string | undefined
   }
 }
 
-function chooseMimeType (accept: string, validMimeTypes: string[]): string | undefined {
+function chooseMimeType (accept: string, validMimeTypes: string[]): AcceptHeader | undefined {
   const requestedMimeTypes = accept
     .split(',')
     .map(s => {
       const parts = s.trim().split(';')
 
+      const options: Record<string, string> = {
+        q: '0'
+      }
+
+      for (let i = 1; i < parts.length; i++) {
+        const [key, value] = parts[i].split('=').map(s => s.trim())
+
+        options[key] = value
+      }
+
       return {
         mimeType: `${parts[0]}`.trim(),
-        weight: parseQFactor(parts[1])
+        options
       }
     })
     .sort((a, b) => {
-      if (a.weight === b.weight) {
+      if (a.options.q === b.options.q) {
         return 0
       }
 
-      if (a.weight > b.weight) {
+      if (a.options.q > b.options.q) {
         return -1
       }
 
       return 1
     })
-    .map(s => s.mimeType)
 
   for (const headerFormat of requestedMimeTypes) {
     for (const mimeType of validMimeTypes) {
-      if (headerFormat.includes(mimeType)) {
-        return mimeType
+      if (headerFormat.mimeType.includes(mimeType)) {
+        return headerFormat
       }
 
-      if (headerFormat === '*/*') {
-        return mimeType
+      if (headerFormat.mimeType === '*/*') {
+        return {
+          mimeType,
+          options: headerFormat.options
+        }
       }
 
-      if (headerFormat.startsWith('*/') && mimeType.split('/')[1] === headerFormat.split('/')[1]) {
-        return mimeType
+      if (headerFormat.mimeType.startsWith('*/') && mimeType.split('/')[1] === headerFormat.mimeType.split('/')[1]) {
+        return {
+          mimeType,
+          options: headerFormat.options
+        }
       }
 
-      if (headerFormat.endsWith('/*') && mimeType.split('/')[0] === headerFormat.split('/')[0]) {
-        return mimeType
+      if (headerFormat.mimeType.endsWith('/*') && mimeType.split('/')[0] === headerFormat.mimeType.split('/')[0]) {
+        return {
+          mimeType,
+          options: headerFormat.options
+        }
       }
     }
   }
 }
 
-/**
- * Parses q-factor weighting from the accept header to allow letting some mime
- * types take precedence over others.
- *
- * If the q-factor for an acceptable mime representation is omitted it defaults
- * to `1`.
- *
- * All specified values should be in the range 0-1.
- *
- * @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept#q
- */
-function parseQFactor (str?: string): number {
-  if (str != null) {
-    str = str.trim()
-  }
-
-  if (str?.startsWith('q=') !== true) {
-    return 1
-  }
-
-  const factor = parseFloat(str.replace('q=', ''))
-
-  if (isNaN(factor)) {
-    return 0
-  }
-
-  return factor
-}
-
 export const FORMAT_TO_MIME_TYPE: Record<RequestFormatShorthand, string> = {
   raw: 'application/vnd.ipld.raw',
   car: 'application/vnd.ipld.car',

package/src/utils/server-timing.ts

@@ -1,37 +1,24 @@
-export interface ServerTimingSuccess<T> {
-  error: null
-  result: T
-  header: string
-}
-export interface ServerTimingError {
-  result: null
-  error: Error
-  header: string
-}
-export type ServerTimingResult<T> = ServerTimingSuccess<T> | ServerTimingError
+export class ServerTiming {
+  private headers: string[]
 
-export async function serverTiming<T> (
-  name: string,
-  description: string,
-  fn: () => Promise<T>
-): Promise<ServerTimingResult<T>> {
-  const startTime = performance.now()
+  constructor () {
+    this.headers = []
+  }
 
-  try {
-    const result = await fn() // Execute the function
-    const endTime = performance.now()
+  getHeader (): string {
+    return this.headers.join(',')
+  }
 
-    const duration = (endTime - startTime).toFixed(1) // Duration in milliseconds
+  async time <T> (name: string, description: string, promise: Promise<T>): Promise<T> {
+    const startTime = performance.now()
 
-    // Create the Server-Timing header string
-    const header = `${name};dur=${duration};desc="${description}"`
-    return { result, header, error: null }
-  } catch (error: any) {
-    const endTime = performance.now()
-    const duration = (endTime - startTime).toFixed(1)
+    try {
+      return await promise // Execute the function
+    } finally {
+      const endTime = performance.now()
+      const duration = (endTime - startTime).toFixed(1) // Duration in milliseconds
 
-    // Still return a timing header even on error
-    const header = `${name};dur=${duration};desc="${description}"`
-    return { result: null, error, header } // Pass error with timing info
+      this.headers.push(`${name};dur=${duration};desc="${description}"`)
+    }
   }
 }

package/src/utils/walk-path.ts

@@ -52,7 +52,7 @@ export function isObjectNode (node: UnixFSEntry): node is ObjectNode {
  */
 export async function handlePathWalking ({ cid, path, resource, options, blockstore, log }: PluginContext & { blockstore: Blockstore, log: Logger }): Promise<PathWalkerResponse | Response> {
   try {
-    return await walkPath(blockstore, `${cid.toString()}/${path}`, options)
+    return await walkPath(blockstore, `${cid}/${path}`, options)
   } catch (err: any) {
     if (options?.signal?.aborted) {
       throw new AbortError(options?.signal?.reason)
@@ -62,7 +62,7 @@ export async function handlePathWalking ({ cid, path, resource, options, blockst
       return notFoundResponse(resource)
     }
 
-    log.error('error walking path %s', path, err)
+    log.error('error walking path "%s" - %e', path, err)
     return badGatewayResponse(resource, 'Error walking path')
   }
 }

package/src/verified-fetch.ts

@@ -1,6 +1,6 @@
-import { ipns as heliaIpns } from '@helia/ipns'
+import { dnsLink } from '@helia/dnslink'
+import { ipnsResolver } from '@helia/ipns'
 import { AbortError } from '@libp2p/interface'
-import { prefixLogger } from '@libp2p/logger'
 import { CustomProgressEvent } from 'progress-events'
 import QuickLRU from 'quick-lru'
 import { ByteRangeContextPlugin } from './plugins/plugin-handle-byte-range-context.js'
@@ -12,22 +12,25 @@ import { IpnsRecordPlugin } from './plugins/plugin-handle-ipns-record.js'
 import { JsonPlugin } from './plugins/plugin-handle-json.js'
 import { RawPlugin } from './plugins/plugin-handle-raw.js'
 import { TarPlugin } from './plugins/plugin-handle-tar.js'
+import { URLResolver } from './url-resolver.ts'
 import { contentTypeParser } from './utils/content-type-parser.js'
+import { errorToObject } from './utils/error-to-object.ts'
 import { getContentDispositionFilename } from './utils/get-content-disposition-filename.js'
 import { getETag } from './utils/get-e-tag.js'
 import { getResolvedAcceptHeader } from './utils/get-resolved-accept-header.js'
 import { getRedirectResponse } from './utils/handle-redirects.js'
-import { parseResource } from './utils/parse-resource.js'
+import { uriEncodeIPFSPath } from './utils/ipfs-path-to-string.ts'
 import { resourceToSessionCacheKey } from './utils/resource-to-cache-key.js'
 import { setCacheControlHeader } from './utils/response-headers.js'
-import { badRequestResponse, notAcceptableResponse, notSupportedResponse, badGatewayResponse } from './utils/responses.js'
+import { badRequestResponse, notAcceptableResponse, internalServerErrorResponse, notImplementedResponse } from './utils/responses.js'
 import { selectOutputType } from './utils/select-output-type.js'
-import { serverTiming } from './utils/server-timing.js'
-import type { CIDDetail, ContentTypeParser, CreateVerifiedFetchOptions, Resource, ResourceDetail, VerifiedFetchInit as VerifiedFetchOptions } from './index.js'
+import { ServerTiming } from './utils/server-timing.js'
+import type { CIDDetail, ContentTypeParser, CreateVerifiedFetchOptions, ResolveURLResult, Resource, ResourceDetail, VerifiedFetchInit as VerifiedFetchOptions } from './index.js'
 import type { VerifiedFetchPlugin, PluginContext, PluginOptions } from './plugins/types.js'
-import type { ParsedUrlStringResults } from './utils/parse-url-string.js'
+import type { AcceptHeader } from './utils/select-output-type.js'
+import type { DNSLink } from '@helia/dnslink'
 import type { Helia, SessionBlockstore } from '@helia/interface'
-import type { IPNS } from '@helia/ipns'
+import type { IPNSResolver } from '@helia/ipns'
 import type { AbortOptions, Logger } from '@libp2p/interface'
 import type { Blockstore } from 'interface-blockstore'
 import type { CID } from 'multiformats/cid'
@@ -35,11 +38,6 @@ import type { CID } from 'multiformats/cid'
 const SESSION_CACHE_MAX_SIZE = 100
 const SESSION_CACHE_TTL_MS = 60 * 1000
 
-interface VerifiedFetchComponents {
-  helia: Helia
-  ipns?: IPNS
-}
-
 function convertOptions (options?: VerifiedFetchOptions): (Omit<VerifiedFetchOptions, 'signal'> & AbortOptions) | undefined {
   if (options == null) {
     return undefined
@@ -60,19 +58,20 @@ function convertOptions (options?: VerifiedFetchOptions): (Omit<VerifiedFetchOpt
 
 export class VerifiedFetch {
   private readonly helia: Helia
-  private readonly ipns: IPNS
+  private readonly ipnsResolver: IPNSResolver
+  private readonly dnsLink: DNSLink
   private readonly log: Logger
   private readonly contentTypeParser: ContentTypeParser | undefined
   private readonly blockstoreSessions: QuickLRU<string, SessionBlockstore>
-  private serverTimingHeaders: string[] = []
   private readonly withServerTiming: boolean
   private readonly plugins: VerifiedFetchPlugin[] = []
 
-  constructor ({ helia, ipns }: VerifiedFetchComponents, init?: CreateVerifiedFetchOptions) {
+  constructor (helia: Helia, init: CreateVerifiedFetchOptions = {}) {
     this.helia = helia
     this.log = helia.logger.forComponent('helia:verified-fetch')
-    this.ipns = ipns ?? heliaIpns(helia)
-    this.contentTypeParser = init?.contentTypeParser ?? contentTypeParser
+    this.ipnsResolver = init.ipnsResolver ?? ipnsResolver(helia)
+    this.dnsLink = init.dnsLink ?? dnsLink(helia)
+    this.contentTypeParser = init.contentTypeParser ?? contentTypeParser
     this.blockstoreSessions = new QuickLRU({
       maxSize: init?.sessionCacheSize ?? SESSION_CACHE_MAX_SIZE,
       maxAge: init?.sessionTTLms ?? SESSION_CACHE_TTL_MS,
@@ -84,11 +83,11 @@ export class VerifiedFetch {
 
     const pluginOptions: PluginOptions = {
       ...init,
-      logger: prefixLogger('helia:verified-fetch'),
+      logger: helia.logger.forComponent('verified-fetch'),
       getBlockstore: (cid, resource, useSession, options) => this.getBlockstore(cid, resource, useSession, options),
-      handleServerTiming: async (name, description, fn) => this.handleServerTiming(name, description, fn, this.withServerTiming),
       helia,
-      contentTypeParser: this.contentTypeParser
+      contentTypeParser: this.contentTypeParser,
+      ipnsResolver: this.ipnsResolver
     }
 
     const defaultPlugins = [
@@ -103,7 +102,7 @@ export class VerifiedFetch {
       new DagPbPlugin(pluginOptions)
     ]
 
-    const customPlugins = init?.plugins?.map((pluginFactory) => pluginFactory(pluginOptions)) ?? []
+    const customPlugins = init.plugins?.map((pluginFactory) => pluginFactory(pluginOptions)) ?? []
 
     if (customPlugins.length > 0) {
       // allow custom plugins to replace default plugins
@@ -117,8 +116,6 @@ export class VerifiedFetch {
     } else {
       this.plugins = defaultPlugins
     }
-
-    this.log.trace('created VerifiedFetch instance')
   }
 
   private getBlockstore (root: CID, resource: string | CID, useSession: boolean = true, options: AbortOptions = {}): Blockstore {
@@ -137,35 +134,20 @@ export class VerifiedFetch {
     return session
   }
 
-  private async handleServerTiming<T> (name: string, description: string, fn: () => Promise<T>, withServerTiming: boolean): Promise<T> {
-    if (!withServerTiming) {
-      return fn()
-    }
-    const { error, result, header } = await serverTiming(name, description, fn)
-    this.serverTimingHeaders.push(header)
-    if (error != null) {
-      throw error
-    }
-
-    return result
-  }
-
   /**
    * The last place a Response touches in verified-fetch before being returned to the user. This is where we add the
    * Server-Timing header to the response if it has been collected. It should be used for any final processing of the
    * response before it is returned to the user.
    */
-  private handleFinalResponse (response: Response, { query, cid, reqFormat, ttl, protocol, ipfsPath, pathDetails, byteRangeContext, options }: Partial<PluginContext> = {}): Response {
-    if (this.serverTimingHeaders.length > 0) {
-      const headerString = this.serverTimingHeaders.join(', ')
-      response.headers.set('Server-Timing', headerString)
-      this.serverTimingHeaders = []
+  private handleFinalResponse (response: Response, context?: Partial<PluginContext>): Response {
+    if ((this.withServerTiming || context?.withServerTiming === true) && context?.serverTiming != null) {
+      response.headers.set('Server-Timing', context?.serverTiming.getHeader())
     }
 
     // if there are multiple ranges, we should omit the content-length header. see https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Transfer-Encoding
     if (response.headers.get('Transfer-Encoding') !== 'chunked') {
-      if (byteRangeContext != null) {
-        const contentLength = byteRangeContext.getLength()
+      if (context?.byteRangeContext != null) {
+        const contentLength = context.byteRangeContext.getLength()
         if (contentLength != null) {
           this.log.trace('Setting Content-Length from byteRangeContext: %d', contentLength)
           response.headers.set('Content-Length', contentLength.toString())
@@ -176,50 +158,55 @@ export class VerifiedFetch {
     // set Content-Disposition header
     let contentDisposition: string | undefined
 
-    this.log.trace('checking for content disposition')
-
     // force download if requested
-    if (query?.download === true) {
+    if (context?.query?.download === true) {
+      this.log.trace('download requested')
       contentDisposition = 'attachment'
-    } else {
-      this.log.trace('download not requested')
     }
 
     // override filename if requested
-    if (query?.filename != null) {
+    if (context?.query?.filename != null) {
+      this.log.trace('specific filename requested')
+
       if (contentDisposition == null) {
         contentDisposition = 'inline'
       }
 
-      contentDisposition = `${contentDisposition}; ${getContentDispositionFilename(query.filename)}`
-    } else {
-      this.log.trace('no filename specified in query')
+      contentDisposition = `${contentDisposition}; ${getContentDispositionFilename(context.query.filename)}`
     }
 
     if (contentDisposition != null) {
+      this.log.trace('content disposition %s', contentDisposition)
       response.headers.set('Content-Disposition', contentDisposition)
-    } else {
-      this.log.trace('no content disposition specified')
     }
 
-    if (cid != null && response.headers.get('etag') == null) {
-      response.headers.set('etag', getETag({ cid: pathDetails?.terminalElement.cid ?? cid, reqFormat, weak: false }))
+    if (context?.cid != null && response.headers.get('etag') == null) {
+      response.headers.set('etag', getETag({
+        cid: context.pathDetails?.terminalElement.cid ?? context.cid,
+        reqFormat: context.reqFormat,
+        weak: false
+      }))
     }
 
-    if (protocol != null) {
-      setCacheControlHeader({ response, ttl, protocol })
+    if (context?.protocol != null && context.ttl != null) {
+      setCacheControlHeader({
+        response,
+        ttl: context.ttl,
+        protocol: context.protocol
+      })
     }
-    if (ipfsPath != null) {
-      response.headers.set('X-Ipfs-Path', ipfsPath)
+
+    if (context?.ipfsPath != null) {
+      response.headers.set('X-Ipfs-Path', uriEncodeIPFSPath(context.ipfsPath))
     }
 
     // set CORS headers. If hosting your own gateway with verified-fetch behind the scenes, you can alter these before you send the response to the client.
     response.headers.set('Access-Control-Allow-Origin', '*')
     response.headers.set('Access-Control-Allow-Methods', 'GET, HEAD, OPTIONS')
     response.headers.set('Access-Control-Allow-Headers', 'Range, X-Requested-With')
-    response.headers.set('Access-Control-Expose-Headers', 'Content-Range, Content-Length, X-Ipfs-Path, X-Stream-Output')
+    response.headers.set('Access-Control-Expose-Headers', 'Content-Range, Content-Length, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output')
 
-    if (reqFormat !== 'car') {
+    if (context?.reqFormat !== 'car') {
       // if we are not doing streaming responses, set the Accept-Ranges header to bytes to enable range requests
       response.headers.set('Accept-Ranges', 'bytes')
     } else {
@@ -227,10 +214,17 @@ export class VerifiedFetch {
       response.headers.set('Accept-Ranges', 'none')
     }
 
-    if (options?.method === 'HEAD') {
+    if (response.headers.get('Content-Type')?.includes('application/vnd.ipld.car') === true || response.headers.get('Content-Type')?.includes('application/vnd.ipld.raw') === true) {
+      // see https://specs.ipfs.tech/http-gateways/path-gateway/#x-content-type-options-response-header
+      response.headers.set('X-Content-Type-Options', 'nosniff')
+    }
+
+    if (context?.options?.method === 'HEAD') {
       // don't send the body for HEAD requests
-      const headers = response?.headers
-      return new Response(null, { status: 200, headers })
+      return new Response(null, {
+        status: 200,
+        headers: response.headers
+      })
     }
 
     return response
@@ -240,7 +234,7 @@ export class VerifiedFetch {
    * Runs plugins in a loop. After each plugin that returns `null` (partial/no final),
    * we re-check `canHandle()` for all plugins in the next iteration if the context changed.
    */
-  private async runPluginPipeline (context: PluginContext, maxPasses: number = 3): Promise<Response | undefined> {
+  private async runPluginPipeline (context: PluginContext, maxPasses: number = 3): Promise<Response> {
     let finalResponse: Response | undefined
     let passCount = 0
     const pluginsUsed = new Set<string>()
@@ -248,23 +242,27 @@ export class VerifiedFetch {
     let prevModificationId = context.modified
 
     while (passCount < maxPasses) {
-      this.log(`Starting pipeline pass #${passCount + 1}`)
+      this.log(`starting pipeline pass #${passCount + 1}`)
       passCount++
 
+      this.log.trace('checking which plugins can handle %c%s with accept %o', context.cid, context.path != null ? `/${context.path}` : '', context.accept)
+
       // gather plugins that say they can handle the *current* context, but haven't been used yet
       const readyPlugins = this.plugins.filter(p => !pluginsUsed.has(p.id)).filter(p => p.canHandle(context))
+
       if (readyPlugins.length === 0) {
-        this.log.trace('No plugins can handle the current context.. checking by CID code')
+        this.log.trace('no plugins can handle the current context, checking by CID code')
         const plugins = this.plugins.filter(p => p.codes.includes(context.cid.code))
+
         if (plugins.length > 0) {
           readyPlugins.push(...plugins)
         } else {
-          this.log.trace('No plugins found that can handle request by CID code; exiting pipeline.')
+          this.log.trace('no plugins found that can handle request by CID code; exiting pipeline')
           break
         }
       }
 
-      this.log.trace('Plugins ready to handle request: ', readyPlugins.map(p => p.id).join(', '))
+      this.log.trace('plugins ready to handle request: %s', readyPlugins.map(p => p.id).join(', '))
 
       // track if any plugin changed the context or returned a response
       let contextChanged = false
@@ -272,10 +270,13 @@ export class VerifiedFetch {
 
       for (const plugin of readyPlugins) {
         try {
-          this.log.trace('Invoking plugin:', plugin.id)
+          this.log('invoking plugin: %s', plugin.id)
           pluginsUsed.add(plugin.id)
 
           const maybeResponse = await plugin.handle(context)
+
+          this.log('plugin response %s %o', plugin.id, maybeResponse)
+
           if (maybeResponse != null) {
             // if a plugin returns a final Response, short-circuit
             finalResponse = maybeResponse
@@ -286,12 +287,16 @@ export class VerifiedFetch {
           if (context.options?.signal?.aborted) {
             throw new AbortError(context.options?.signal?.reason)
           }
-          this.log.error('Error in plugin:', plugin.constructor.name, err)
-          // if fatal, short-circuit the pipeline
-          if (err.name === 'PluginFatalError') {
-            // if plugin provides a custom error response, return it
-            return err.response ?? badGatewayResponse(context.resource, 'Failed to fetch')
-          }
+
+          this.log.error('error in plugin %s - %e', plugin.id, err)
+
+          return internalServerErrorResponse(context.resource, JSON.stringify({
+            error: errorToObject(err)
+          }), {
+            headers: {
+              'content-type': 'application/json'
+            }
+          })
         } finally {
           // on each plugin call, check for changes in the context
           const newModificationId = context.modified
@@ -302,7 +307,7 @@ export class VerifiedFetch {
         }
 
         if (finalResponse != null) {
-          this.log.trace('Plugin produced final response:', plugin.id)
+          this.log.trace('plugin %s produced final response', plugin.id)
           break
         }
       }
@@ -312,12 +317,18 @@ export class VerifiedFetch {
       }
 
       if (!contextChanged) {
-        this.log.trace('No context changes and no final response; exiting pipeline.')
+        this.log.trace('no context changes and no final response; exiting pipeline.')
         break
       }
     }
 
-    return finalResponse
+    return finalResponse ?? notImplementedResponse(context.resource, JSON.stringify({
+      error: errorToObject(new Error('No verified fetch plugin could handle the request'))
+    }), {
+      headers: {
+        'content-type': 'application/json'
+      }
+    })
   }
 
   /**
@@ -335,14 +346,20 @@ export class VerifiedFetch {
     }
 
     const options = convertOptions(opts)
-    const withServerTiming = options?.withServerTiming ?? this.withServerTiming
+    const serverTiming = new ServerTiming()
+
+    const urlResolver = new URLResolver({
+      ipnsResolver: this.ipnsResolver,
+      dnsLink: this.dnsLink,
+      timing: serverTiming
+    })
 
     options?.onProgress?.(new CustomProgressEvent<ResourceDetail>('verified-fetch:request:start', { resource }))
 
-    let parsedResult: ParsedUrlStringResults
+    let parsedResult: ResolveURLResult
+
     try {
-      parsedResult = await this.handleServerTiming('parse-resource', '', async () => parseResource(resource, { ipns: this.ipns, logger: this.helia.logger }, { withServerTiming, ...options }), withServerTiming)
-      this.serverTimingHeaders.push(...parsedResult.serverTimings.map(({ header }) => header))
+      parsedResult = await urlResolver.resolve(resource, options)
     } catch (err: any) {
       if (options?.signal?.aborted) {
         throw new AbortError(options?.signal?.reason)
@@ -356,14 +373,15 @@ export class VerifiedFetch {
 
     const acceptHeader = getResolvedAcceptHeader({ query: parsedResult.query, headers: options?.headers, logger: this.helia.logger })
 
-    const accept: string | undefined = selectOutputType(parsedResult.cid, acceptHeader)
-    this.log('output type %s', accept)
+    const accept: AcceptHeader | undefined = selectOutputType(parsedResult.cid, acceptHeader)
+    this.log('accept %o', accept)
 
     if (acceptHeader != null && accept == null) {
+      this.log.error('could not fulfil request based on accept header')
       return this.handleFinalResponse(notAcceptableResponse(resource.toString()))
     }
 
-    const responseContentType: string = accept?.split(';')[0] ?? 'application/octet-stream'
+    const responseContentType: string = accept?.mimeType.split(';')[0] ?? 'application/octet-stream'
 
     const redirectResponse = await getRedirectResponse({ resource, options, logger: this.helia.logger, cid: parsedResult.cid })
     if (redirectResponse != null) {
@@ -375,19 +393,28 @@ export class VerifiedFetch {
       resource: resource.toString(),
       accept,
       options,
-      withServerTiming,
       onProgress: options?.onProgress,
       modified: 0,
-      plugins: this.plugins.map(p => p.id)
+      plugins: this.plugins.map(p => p.id),
+      query: parsedResult.query ?? {},
+      withServerTiming: Boolean(options?.withServerTiming) || Boolean(this.withServerTiming),
+      serverTiming
     }
 
     this.log.trace('finding handler for cid code "%s" and response content type "%s"', parsedResult.cid.code, responseContentType)
 
     const response = await this.runPluginPipeline(context)
 
-    options?.onProgress?.(new CustomProgressEvent<CIDDetail>('verified-fetch:request:end', { cid: parsedResult.cid, path: parsedResult.path }))
+    options?.onProgress?.(new CustomProgressEvent<CIDDetail>('verified-fetch:request:end', {
+      cid: parsedResult.cid,
+      path: parsedResult.path
+    }))
+
+    if (response == null) {
+      this.log.error('no plugin could handle request for %s', resource)
+    }
 
-    return this.handleFinalResponse(response ?? notSupportedResponse(resource.toString()), context)
+    return this.handleFinalResponse(response, context)
   }
 
   /**

package/dist/src/plugins/errors.d.ts

@@ -1,25 +0,0 @@
-import type { FatalPluginErrorOptions, PluginErrorOptions } from './types.js';
-/**
- * If a plugin encounters an error, it should throw an instance of this class.
- */
-export declare class PluginError extends Error {
-    name: string;
-    code: string;
-    fatal: boolean;
-    details?: Record<string, any>;
-    response?: any;
-    constructor(code: string, message: string, options?: PluginErrorOptions);
-}
-/**
- * If a plugin encounters a fatal error and verified-fetch should not continue processing the request, it should throw
- * an instance of this class.
- *
- * Note that you should be very careful when throwing a `PluginFatalError`, as it will stop the request from being
- * processed further. If you do not have a response to return to the client, you should consider throwing a
- * `PluginError` instead.
- */
-export declare class PluginFatalError extends PluginError {
-    name: string;
-    constructor(code: string, message: string, options: FatalPluginErrorOptions);
-}
-//# sourceMappingURL=errors.d.ts.map