Getting a specific content in HTML response

Hi guys, I’m getting a problem with HTML response. In details, I want to get the value in below case .
How can I do this? I knew exactly the regular expression to get it but do not know how to apply? Thanks all

Welcome @nguyenvietdungqsq!

If you already have the regex and just need the response as a string in order to apply it, you can get it in the tests tab of Postman by using the following command:

const responseText = pm.response.text();
const matches = responseText.match(<your regex>);
const sessionId = matches[0];

This assumes it will always be there and always be the first one.

I do have a concern though - what you’re doing seems unsafe and hacky. From what I can piece together, you are doing a GET on an html page and essentially scraping it for a hardcoded value?

If you’re designing that webpage, you should not store that value like that. Because if you can do this through Postman, so can malicious users.


Hi @nguyenvietdungqsq

Welcome to the community! :clap:

In addition you can use cheero.js to load the HTML, and parse your results.

const response = cheerio.load(pm.response.text(), {
    ignoreWhitespace: true,
    xmlMode: true

const sessionId = response('script').find('sessionId')

The above may not working exactly, as I am shooting from the hip, but you can use cheerio to parse through your html and get to your element and then parse out the js from there.

However, I will have to agree with @allen.helton, and having a sessionID in the js script of a html page is not good practice, and a bit unsafe. That information is better sent in headers or a JWT. I am no professional with communicating session IDs with web pages, however, from my experience, seeing it in the script portion of an html page is uncommon for me.

Hope this helps!


Thank bro, it is great. Actually my project has been built for a long time so that it still includes a lot of issues with security. Of course, I will ask my project manager for handling a new safety. Again,thank you a lot

Thank bro, it is nice. I already know the problem when letting SessionId being in HTML body. I will ask my PM for requesting for a change to be safer. Thank you.

Any time, glad I could help :slight_smile: