core/modules/ckeditor5/src/HTMLRestrictions.php | 25 ++++++++++++++++++-------
 1 file changed, 18 insertions(+), 7 deletions(-)
diff --git a/core/modules/ckeditor5/src/HTMLRestrictions.php b/core/modules/ckeditor5/src/HTMLRestrictions.php
index d5077d88f4..74d3e5c403 100644
--- a/core/modules/ckeditor5/src/HTMLRestrictions.php
+++ b/core/modules/ckeditor5/src/HTMLRestrictions.php
@@ -71,6 +71,12 @@ final class HTMLRestrictions {
 */
 private const WILDCARD_ELEMENT_METHODS = [
 '$block' => 'getBlockElementList',
+ // The `*` joker wildcard HTML tag is a special case: it allows prescribing
+ // specific attributes that are allowed on all tags (f.e. `lang`, because
+ // translations are an orthogonal concern) or disallowed on all tags (f.e.
+ // `style`, because security is an orthogonal concern). Unlike other
+ // wildcard tags it does not resolve into concrete tags.
+ '*' => [],
 ];
 
 /**
@@ -117,13 +123,6 @@ private static function validateAllowedRestrictionsPhase1(array $elements): void
 if (self::isWildcardTag($html_tag_name)) {
 continue;
 }
- // The `*` HTML tag is a special case: it allows specifying specific
- // attributes that are allowed on all tags (f.e. `lang`, because
- // translations are an orthogonal concern) or disallowed on all tags (f.e.
- // `style`, because security is an orthogonal concern).
- if ($html_tag_name === '*') {
- continue;
- }
 // HTML elements must have a valid tag name.
 // @see https://html.spec.whatwg.org/multipage/syntax.html#syntax-tag-name
 // @see https://html.spec.whatwg.org/multipage/custom-elements.html#valid-custom-element-name
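Review bot: The new `'*' => []` entry in `WILDCARD_ELEMENT_METHODS` (hunk at 71) stores an empty array where every other value is a method name, and the visible hunks never read it: `isWildcardTag()` and `getWildcardTags()` both return on `*` before they touch the constant. Any code that iterates the constant and hands its values to `call_user_func()` would receive `[]` instead of a method name; whether such a loop exists is not visible here. Either drop the entry and keep the `*` handling in the two guards, or state the exception in the constant's docblock, which starts outside this hunk, e.g. `The '*' key is a marker only; its value is never used as a method name.`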
@@ -914,6 +913,12 @@ public function getConcreteSubset(): HTMLRestrictions {
 * TRUE if it is a wildcard, otherwise FALSE.
 */
 private static function isWildcardTag(string $tag_name): bool {
+ // Special case: the joker wildcard `*` HTML tag.
+ // @see \Drupal\ckeditor5\HTMLRestrictions::WILDCARD_ELEMENT_METHODS
+ if ($tag_name === '*') {
+ return TRUE;
+ }
+
 return substr($tag_name, 0, 1) === '$' && array_key_exists($tag_name, self::WILDCARD_ELEMENT_METHODS);
 }
 
@@ -1134,6 +1139,12 @@ private static function getBlockElementList(): array {
 * An array of HTML tags.
 */
 private static function getWildcardTags(string $wildcard): array {
+ // Special case: the joker wildcard `*` HTML tag.
+ // @see \Drupal\ckeditor5\HTMLRestrictions::WILDCARD_ELEMENT_METHODS
+ if ($wildcard === '*') {
+ return [];
+ }
+
 $wildcard_element_method = self::WILDCARD_ELEMENT_METHODS[$wildcard];
 return call_user_func([self::class, $wildcard_element_method]);
 }
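Review bot: Returning TRUE for `*` in `isWildcardTag()` (hunk at 913) changes the answer for every caller of that method, not only the `validateAllowedRestrictionsPhase1()` check whose explicit `*` branch was removed, and the diffstat shows no test file in this change. Together with `getWildcardTags('*')` returning `[]` (hunk at 1139), a caller that swaps wildcard tags for their concrete tags would get no tags for `*` and could drop the attribute rules attached to it, including global prohibitions such as `style`. Those callers are outside the visible hunks, so this needs checking rather than being certain. I would add a test that a restriction set containing a `*` entry still carries it after `getConcreteSubset()` and after any other method that branches on `isWildcardTag()`. The docblocks should also record the new contract: `TRUE if it is a wildcard (including the global attribute wildcard '*'), otherwise FALSE.` and, on `getWildcardTags()`, that `*` yields an empty array because it does not resolve into tags.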