Correlating an antiforgery token

I want to capture the “value” in the below response to my request:

token “”

I have tried this:




But with no results.

Anu idea how to build the jsonPath expression to get hold of only the token?

Hi Magnus,

This test does something similar by retrieving OAuth tokens using CSS selectors.

(Stéphane helped me with this test)



Thats not a Json response. You need to use regex or css selectors to capture that. Here is gatling documentation



I did try the css-selector, but it did not work:

This is what I tested:

.check(css(“input[name=’__RequestVerificationToken’]”, “value”).saveAs(“token”)))

and that is given this response:


{"token":"<input name=\"__RequestVerificationToken\" type=\"hidden\" value=\"CUUxy_3T9ZPaSZJ6G87JGA_hIyTsXObrFd2TPY8HVAp_YbLm1Akqa22sR0MoEtF4bPxI3JFo9mQXzzBd04oGoqNJ2q4ZoFhkH04V0xs2Gtw1\" />"}


Maybe something to do with " or ’ ??


It would have saved a lot of time had you provided the full response in the first place, so it would clear that what you want to extract is hidden inside some JSON field value that’s actually some escaped HTML.
You can extract it neither with JsonPath (you don’t want the JSON value but something inside) nor with CSS selectors as it’s not HTML.

The easiest solution is probably to use a regex here.

Ohh, crap. Sorry about that.

Then I might use this the:

.check(regex("""<input name="(.*?)" name=“value=”"").saveAs(“token”)))

Or maybe:


But do I need more " in my expression to make Scala understand?

I have been playing with a reggae translator, but I don´t know how to say ‘keep the value in between’

I have used this so far:


But that gives me all this:



How can I decrease to only extract:



I’ve not tested to see if it supports the full PCRE syntax, but if it does, you can do look-behind and look-ahead assertions, like this:


The lock-behind and lock-ahead was not supported using



gives me:



in the response:

{“token”:"<input name="__RequestVerificationToken" type=“hidden” value=“foqisp–sK_JtpZ3Ks4CTmX-DIev36x5vcXd_GcIszkM011Hk_WI5rsWI090u1NlaKruo_Ji9M401kmvcCDTSmEpx9dIjV4wFum9T3QTllU1” />"}


I guess I wonder how I say to start from, but not included value=", and extract all the way to (")

This is quite difficult I think.

The only way to accomplish what you want is with look-behind and look-ahead assertions, unless you want to do a transform on the extracted result. Test it in Gatling before assuming that they don’t work, because they might. If they don’t, then just use a transform to strip out the parts you don’t want. Since the start and end are fixed length, a simple substring in the transform will do the trick.

I used this translator:

and this regex:


to capture the token I want in this response:

{“token”:"<input name="__RequestVerificationToken" type=“hidden” value=“KhWUxVIL697p18Gm3T1b4pCmXjK7iQujsJieYiLOKcKmKbdvC55kgaqg4G-uGqeUzmV3x6EMAV_ejPHe-Ok2kFqnjzVmvZmHySMpwKzGvq01” />"}

Is it a bad idea to use dots to accomplish this?

name=\"__RequestVerificationToken\" type=\“hidden\” value=\"(.+?)\"

Thank you Stephane, you saved the day!

Ah - that’s good to know. What, if anything, happens if you put in more than one capturing parenthesis?

You have to use “ofType” to set the capture type so you can get Tuple2, Tuple3, etc…

Nice! I’m going to remember that. Thanks!