Dynamic HTML pages often hide request values inside forms, links, and data attributes. The JMeter CSS Selector Extractor reads an HTML sampler response with browser-style selectors, so a load test can reuse a CSRF token, generated ID, link target, or page value without matching raw markup with a regular expression.
The extractor runs as a post-processor after the sampler in its scope. A selector such as form#checkout input[name=csrf] locates one or more nodes in the response data, and the Attribute field decides whether JMeter stores an attribute value such as value or the matched element's text content.
Keep the extractor close to the sampler that returns the HTML, set a default value that makes misses visible during debugging, and prove the variable in a later sampler before running a larger load test. A short checkout-token smoke test can capture the token and check that the next sampler sends the same value.
Use Sub-samples only or Main sample and sub-samples only when the target value is in an embedded-resource result, mail result, transaction child sample, or another generated sub-sample.
This selector matches an input element named csrf inside the checkout form.
Leave Attribute empty only when the wanted value is the matched element's text content.
Use 0 only when any matching node is acceptable. Use a negative value only when a later ForEach Controller will process all matches through variables such as csrf_token_1 and csrf_token_matchNr.
Leave Use empty default value disabled while debugging so a missed selector does not look like a deliberately blank token.
Name: csrf
Value: ${csrf_token}
$ jmeter -n -t css-selector-extractor-demo.jmx -l results.jtl -j jmeter.log Creating summariser <summary> Created the tree successfully using css-selector-extractor-demo.jmx Starting standalone test @ 2026 Jun 29 22:20:26 GMT Waiting for possible Shutdown/StopTestNow/HeapDump/ThreadDump message on port 4445 summary = 2 in 00:00:00 = 4.3/s Avg: 200 Min: 76 Max: 324 Err: 0 (0.00%) Tidying up ... ... end of run
$ cat css-selector-extractor.log csrf_token=token-abc-123 posted_token=token-abc-123
The extracted variable and the posted value should match. If the value is TOKEN_NOT_FOUND, inspect the response body and selector in a small debug run before increasing thread count.
Related: How to add a Debug Sampler in JMeter