diff --git a/core/lib/Drupal/Component/Utility/SafeMarkup.php b/core/lib/Drupal/Component/Utility/SafeMarkup.php
index af9170d..2d8ed9d 100644
--- a/core/lib/Drupal/Component/Utility/SafeMarkup.php
+++ b/core/lib/Drupal/Component/Utility/SafeMarkup.php
@@ -272,7 +272,7 @@ public static function checkPlain($text) {
 *
 * @see t()
 */
- public static function format($string, array $args = array()) {
+ public static function format($string, array $args) {
 $safe = TRUE;
 // Transform arguments before inserting them.
diff --git a/core/lib/Drupal/Core/Entity/Plugin/DataType/EntityAdapter.php b/core/lib/Drupal/Core/Entity/Plugin/DataType/EntityAdapter.php
index 054d101..5dc1d2c 100644
--- a/core/lib/Drupal/Core/Entity/Plugin/DataType/EntityAdapter.php
+++ b/core/lib/Drupal/Core/Entity/Plugin/DataType/EntityAdapter.php
@@ -7,7 +7,6 @@ namespace Drupal\Core\Entity\Plugin\DataType;
-use Drupal\Component\Utility\SafeMarkup;
 use Drupal\Core\Entity\FieldableEntityInterface;
 use Drupal\Core\Entity\EntityInterface;
 use Drupal\Core\Entity\TypedData\EntityDataDefinition;
@@ -114,7 +113,7 @@ public function set($property_name, $value, $notify = TRUE) {
 */
 public function getProperties($include_computed = FALSE) {
 if (!isset($this->entity)) {
- throw new MissingDataException(SafeMarkup::format('Unable to get properties as no entity has been provided.'));
+ throw new MissingDataException('Unable to get properties as no entity has been provided.');
 }
 if (!$this->entity instanceof FieldableEntityInterface) {
 // @todo: Add support for config entities in
diff --git a/core/modules/filter/src/Plugin/Filter/FilterHtml.php b/core/modules/filter/src/Plugin/Filter/FilterHtml.php
index dd39623..7cfd499 100644
--- a/core/modules/filter/src/Plugin/Filter/FilterHtml.php
+++ b/core/modules/filter/src/Plugin/Filter/FilterHtml.php
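Review bot: Dropping the default makes `$args` mandatory, but the visible tail of the docblock (`@see t()`) says nothing about it, and callers still using the old one-argument form will now fail with an argument-count error rather than a message explaining the intent. The `@param array $args` description, which presumably sits just above this hunk, should state that the argument is required and that a string with no placeholders should not be routed through `format()` at all, e.g. `Required. Strings with nothing to substitute must not be passed through format(), since it marks its result as safe markup.` Passing an empty array presumably still returns the string marked safe, so this tightens the signature without closing that path, which is worth a sentence in the same docblock. The body of `format()` continues outside the hunk.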
@@ -7,7 +7,6 @@ namespace Drupal\filter\Plugin\Filter;
-use Drupal\Component\Utility\SafeMarkup;
 use Drupal\Core\Form\FormStateInterface;
 use Drupal\filter\FilterProcessResult;
 use Drupal\filter\Plugin\FilterBase;
@@ -102,7 +101,7 @@ public function tips($long = FALSE) {
 $output .= '<p>' . $this->t('This site allows HTML content. While learning all of HTML may feel intimidating, learning how to use a very small number of the most basic HTML "tags" is very easy. This table provides examples for each tag that is enabled on this site.') . '</p>';
 $output .= '<p>' . $this->t('For more information see W3C\'s <a href="@html-specifications">HTML Specifications</a> or use your favorite search engine to find other sites that explain HTML.', array('@html-specifications' => 'http://www.w3.org/TR/html/')) . '</p>';
 $tips = array(
- 'a' => array($this->t('Anchors are used to make links to other pages.'), '<a href="' . $base_url . '">' . SafeMarkup::checkPlain(\Drupal::config('system.site')->get('name')) . '</a>'),
+ 'a' => array($this->t('Anchors are used to make links to other pages.'), '<a href="' . $base_url . '">' . htmlspecialchars(\Drupal::config('system.site')->get('name'), ENT_QUOTES, 'UTF-8') . '</a>'),
 'br' => array($this->t('By default line break tags are automatically added, so use this tag to add additional ones. Use of this tag is different because it is not used with an open/close pair like all the others. Use the extra " /" inside the tag to maintain XHTML 1.0 compatibility'), $this->t('Text with <br />line break')),
 'p' => array($this->t('By default paragraph tags are automatically added, so use this tag to add additional ones.'), '<p>' . $this->t('Paragraph one.') . '</p> <p>' . $this->t('Paragraph two.') . '</p>'),
 'strong' => array($this->t('Strong', array(), array('context' => 'Font weight')), '<strong>' . $this->t('Strong', array(), array('context' => 'Font weight')) . '</strong>'),
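Review bot: The `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')` call on the added `'a'` line does not pass `ENT_SUBSTITUTE`, which `SafeMarkup::checkPlain()` presumably did; without it, a site name containing an invalid UTF-8 sequence makes `htmlspecialchars()` return an empty string, so the example link silently loses its text instead of rendering with a replacement character. Use `ENT_QUOTES | ENT_SUBSTITUTE` here, in the two `htmlspecialchars()` calls of the later `tips()` hunks, and in the matching expectations in FilterAdminTest so the test keeps pinning the same escaping. The site name is still escaped for an HTML element context, so the script-injection case the test exercises is unaffected by this. `tips()` continues outside the hunk.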
@@ -144,8 +143,12 @@ public function tips($long = FALSE) {
 if (!empty($tips[$tag])) {
 $rows[] = array(
 array('data' => $tips[$tag][0], 'class' => array('description')),
- array('data' => SafeMarkup::format('<code>@var</code>', array('@var' => $tips[$tag][1])), 'class' => array('type')),
- array('data' => SafeMarkup::format($tips[$tag][1]), 'class' => array('get'))
+ // The markup must be escaped because this is the example code for the
+ // user.
+ array('data' => ['#prefix' => '<code>', '#markup' => htmlspecialchars($tips[$tag][1], ENT_QUOTES, 'UTF-8'), '#suffix' => '</code>'], 'class' => array('type')),
+ // The markup must not be escaped because this is the example output
+ // for the user.
+ array('data' => ['#markup' => $tips[$tag][1]], 'class' => array('get'))
 );
 }
 else {
@@ -175,8 +178,12 @@ public function tips($long = FALSE) {
 foreach ($entities as $entity) {
 $rows[] = array(
 array('data' => $entity[0], 'class' => array('description')),
- array('data' => SafeMarkup::format('<code>@var</code>', array('@var' => $entity[1])), 'class' => array('type')),
- array('data' => SafeMarkup::format($entity[1]), 'class' => array('get'))
+ // The markup must be escaped because this is the example code for the
+ // user.
+ array('data' => ['#prefix' => '<code>', '#markup' => htmlspecialchars($entity[1], ENT_QUOTES, 'UTF-8'), '#suffix' => '</code>'], 'class' => array('type')),
+ // The markup must not be escaped because this is the example output
+ // for the user.
+ array('data' => ['#markup' => $entity[1]], 'class' => array('get'))
 );
 }
 $table = array(
diff --git a/core/modules/filter/src/Tests/FilterAdminTest.php b/core/modules/filter/src/Tests/FilterAdminTest.php
index 7e6a2d3..d512f8f 100644
--- a/core/modules/filter/src/Tests/FilterAdminTest.php
+++ b/core/modules/filter/src/Tests/FilterAdminTest.php
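Review bot: The new comment above the unescaped `'#markup' => $tips[$tag][1]` cell says the markup must not be escaped but not why emitting it raw is safe; from this hunk that rests on every `$tips` entry being built only from `$this->t()` output and the already-escaped site name in the earlier hunk, and presumably the same holds for `$entity[1]` in the following hunk. Make that invariant explicit so the next person adding an example does not break it, e.g. `// Not escaped on purpose: every example string is built only from t() output and the escaped site name, so adding raw user input to $tips would be an XSS regression.` If `#markup` is additionally run through the admin XSS filter in this version, naming that in the same comment would document the only other safety net for these cells. The `$tips` and `$entities` definitions and the rest of `tips()` lie outside the hunk.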
@@ -368,12 +368,15 @@ function testFilterTipHtmlEscape() {
 $this->drupalLogin($this->adminUser);
 global $base_url;
+ $site_name_with_markup = 'Filter test <script>alert(\'here\');</script> site name';
+ $this->config('system.site')->set('name', $site_name_with_markup)->save();
+
 // It is not possible to test the whole filter tip page.
 // Therefore we test only some parts.
- $link = '<a href="' . $base_url . '">' . SafeMarkup::checkPlain(\Drupal::config('system.site')->get('name')) . '</a>';
+ $link = '<a href="' . $base_url . '">' . htmlspecialchars($site_name_with_markup, ENT_QUOTES, 'UTF-8') . '</a>';
 $ampersand = '&';
- $link_as_code = '<code>' . $link . '</code>';
- $ampersand_as_code = '<code>' . $ampersand . '</code>';
+ $link_as_code = '<code>' . htmlspecialchars($link, ENT_QUOTES, 'UTF-8') . '</code>';
+ $ampersand_as_code = '<code>' . htmlspecialchars($ampersand, ENT_QUOTES, 'UTF-8') . '</code>';
 $this->drupalGet('filter/tips');
diff --git a/core/modules/system/tests/modules/menu_test/src/TestControllers.php b/core/modules/system/tests/modules/menu_test/src/TestControllers.php
index f3ff8d2..2a91286 100644
--- a/core/modules/system/tests/modules/menu_test/src/TestControllers.php
+++ b/core/modules/system/tests/modules/menu_test/src/TestControllers.php
@@ -57,7 +57,7 @@ public function testDefaults($placeholder = NULL) {
 return ['#markup' => SafeMarkup::format("Sometimes there is a placeholder: '@placeholder'.", array('@placeholder' => $placeholder))];
 }
 else {
- return ['#markup' => SafeMarkup::format('Sometimes there is no placeholder.')];
+ return ['#markup' => 'Sometimes there is no placeholder.'];
 }
 }
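Review bot: The expected `$link` is computed with the same `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')` call that `FilterHtml::tips()` now uses, so a regression in which both sides lose a flag or change their escaping would still pass; the expectation of an escaping test should be a literal. Write the escaped text out, e.g. `$link = '<a href="' . $base_url . '">Filter test &lt;script&gt;alert(&#039;here&#039;);&lt;/script&gt; site name</a>';`, and spell out `$link_as_code` and `$ampersand_as_code` the same way. The assertions that consume these values lie outside the hunk; if they do not already include an `assertNoRaw($site_name_with_markup)`, adding one pins the negative case directly rather than only the positive match.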