diff --git a/core/modules/ckeditor/tests/modules/src/Kernel/CKEditorTest.php b/core/modules/ckeditor/tests/modules/src/Kernel/CKEditorTest.php
index 4fbead9..625e28c 100644
--- a/core/modules/ckeditor/tests/modules/src/Kernel/CKEditorTest.php
+++ b/core/modules/ckeditor/tests/modules/src/Kernel/CKEditorTest.php
@@ -49,7 +49,22 @@ protected function setUp() {
         'filter_html' => [
           'status' => 1,
           'settings' => [
-            'allowed_html' => '<h2 id> <h3> <h4> <h5> <h6> <p> <br> <strong> <a href hreflang>',
+            'allowed_html' => [
+              'id' => [
+                'id' => '*',
+              ],
+              'h3' => [],
+              'h4' => [],
+              'h5' => [],
+              'h6' => [],
+              'p' => [],
+              'br' => [],
+              'strong' => [],
+              'a' => [
+                'href' => '*',
+                'hreflang' => '*',
+              ],
+            ],
           ]
         ],
       ],
diff --git a/core/modules/ckeditor/tests/src/Kernel/Plugin/CKEditorPlugin/InternalTest.php b/core/modules/ckeditor/tests/src/Kernel/Plugin/CKEditorPlugin/InternalTest.php
index aecc228..87f8dc4 100644
--- a/core/modules/ckeditor/tests/src/Kernel/Plugin/CKEditorPlugin/InternalTest.php
+++ b/core/modules/ckeditor/tests/src/Kernel/Plugin/CKEditorPlugin/InternalTest.php
@@ -115,7 +115,10 @@ public function formatTagsSettingsTestCases() {
           'filter_html' => [
             'status' => 1,
             'settings' => [
-              'allowed_html' => '<h1> <h2>',
+              'allowed_html' => [
+                'h1' => [],
+                'h2' => [],
+              ],
               'filter_html_help' => 1,
               'filter_html_nofollow' => 0,
             ],
diff --git a/core/modules/editor/src/Tests/EditorSecurityTest.php b/core/modules/editor/src/Tests/EditorSecurityTest.php
index d00fe0e..f1991d9 100644
--- a/core/modules/editor/src/Tests/EditorSecurityTest.php
+++ b/core/modules/editor/src/Tests/EditorSecurityTest.php
@@ -92,7 +92,17 @@ protected function setUp() {
         'filter_html' => [
           'status' => 1,
           'settings' => [
-            'allowed_html' => '<h2> <h3> <h4> <h5> <h6> <p> <br> <strong> <a>',
+            'allowed_html' => [
+              'h2' => [],
+              'h3' => [],
+              'h4' => [],
+              'h5' => [],
+              'h6' => [],
+              'p' => [],
+              'br' => [],
+              'strong' => [],
+              'a' => [],
+            ],
           ]
         ],
       ],
@@ -107,7 +117,17 @@ protected function setUp() {
         'filter_html' => [
           'status' => 1,
           'settings' => [
-            'allowed_html' => '<h2> <h3> <h4> <h5> <h6> <p> <br> <strong> <a>',
+            'allowed_html' => [
+              'h2' => [],
+              'h3' => [],
+              'h4' => [],
+              'h5' => [],
+              'h6' => [],
+              'p' => [],
+              'br' => [],
+              'strong' => [],
+              'a' => [],
+            ],
           ]
         ],
       ],
@@ -127,7 +147,18 @@ protected function setUp() {
         'filter_html' => [
           'status' => 1,
           'settings' => [
-            'allowed_html' => '<h2> <h3> <h4> <h5> <h6> <p> <br> <strong> <a> <embed>',
+            'allowed_html' => [
+              'h2' => [],
+              'h3' => [],
+              'h4' => [],
+              'h5' => [],
+              'h6' => [],
+              'p' => [],
+              'br' => [],
+              'strong' => [],
+              'a' => [],
+              'embed' => [],
+            ],
           ]
         ],
       ],
diff --git a/core/modules/editor/tests/editor_private_test/config/install/filter.format.private_images.yml b/core/modules/editor/tests/editor_private_test/config/install/filter.format.private_images.yml
index 261bd90..dc4dd04 100644
--- a/core/modules/editor/tests/editor_private_test/config/install/filter.format.private_images.yml
+++ b/core/modules/editor/tests/editor_private_test/config/install/filter.format.private_images.yml
@@ -15,7 +15,12 @@ filters:
     status: false
     weight: -10
     settings:
-      allowed_html: '<img src alt data-entity-type data-entity-uuid>'
+      allowed_html:
+        img:
+          src: '*'
+          alt: '*'
+          data-entity-type: '*'
+          data-entity-uuid: '*'
       filter_html_help: true
       filter_html_nofollow: false
 dependencies:
diff --git a/core/modules/filter/config/schema/filter.schema.yml b/core/modules/filter/config/schema/filter.schema.yml
index b45a475..6756f1e 100644
--- a/core/modules/filter/config/schema/filter.schema.yml
+++ b/core/modules/filter/config/schema/filter.schema.yml
@@ -51,8 +51,14 @@ filter_settings.filter_html:
   label: 'Filter HTML'
   mapping:
     allowed_html:
-      type: string
+      type: sequence
       label: 'Allowed HTML'
+      sequence:
+        type: sequence
+        label: 'Attributes'
+        sequence:
+          type: string
+          label: 'Value'
     filter_html_help:
       type: boolean
       label: 'HTML help'
diff --git a/core/modules/filter/filter.install b/core/modules/filter/filter.install
new file mode 100644
index 0000000..9c73649
--- /dev/null
+++ b/core/modules/filter/filter.install
@@ -0,0 +1,24 @@
+<?php
+
+/**
+ * @file
+ * Install, update and uninstall functions for the filter module.
+ */
+
+use Drupal\filter\FilterHtmlAllowedMarkupSchema;
+
+/**
+ * Update the filter_html filter format schema.
+ */
+function filter_update_8001() {
+  $config_factory = \Drupal::configFactory();
+  foreach ($config_factory->listAll('filter.format.') as $name) {
+    $filter = $config_factory->getEditable($name);
+    $allowed_html = $filter->get('filters.filter_html.settings.allowed_html');
+    if ($allowed_html !== NULL) {
+      $updated_allowed_html = FilterHtmlAllowedMarkupSchema::generateSettings($allowed_html);
+      $filter->set('filters.filter_html.settings.allowed_html', $updated_allowed_html);
+      $filter->save();
+    }
+  }
+}
diff --git a/core/modules/filter/src/FilterHtmlAllowedMarkupSchema.php b/core/modules/filter/src/FilterHtmlAllowedMarkupSchema.php
new file mode 100644
index 0000000..0ee5823
--- /dev/null
+++ b/core/modules/filter/src/FilterHtmlAllowedMarkupSchema.php
@@ -0,0 +1,78 @@
+<?php
+
+namespace Drupal\filter;
+
+use Drupal\Component\Utility\Html;
+
+/**
+ * Transform the FilterHtml UI markup into settings schema and vice versa.
+ */
+class FilterHtmlAllowedMarkupSchema {
+
+  /**
+   * Generate an array to represent the allowed HTML settings.
+   *
+   * @param string $allowed_html_string
+   *   A string to parse into an allowed HTML settings array.
+   *
+   * @return array
+   *   An array representing the allowed HTML settings.
+   */
+  public static function generateSettings($allowed_html_string) {
+    $allowed_html_settings = [];
+
+    // Make all the tags self-closing, so they will be parsed into direct
+    // children of the body tag in the DomDocument.
+    $html = str_replace('>', ' />', $allowed_html_string);
+    // Protect any trailing * characters in attribute names, since DomDocument
+    // strips them as invalid.
+    $star_protector = '__zqh6vxfbk3cg__';
+    $html = str_replace('*', $star_protector, $html);
+    $body_child_nodes = Html::load($html)
+      ->getElementsByTagName('body')
+      ->item(0)->childNodes;
+
+    foreach ($body_child_nodes as $node) {
+      if ($node->nodeType !== XML_ELEMENT_NODE) {
+        // Skip the empty text nodes inside tags.
+        continue;
+      }
+      $tag = $node->tagName;
+      $allowed_html_settings[$tag] = [];
+      if ($node->hasAttributes()) {
+        // Iterate over any attributes, and mark them as allowed.
+        foreach ($node->attributes as $name => $attribute) {
+          // Put back any trailing * on wildcard attribute name.
+          $name = str_replace($star_protector, '*', $name);
+          $value = str_replace($star_protector, '*', $attribute->value);
+          if (empty($value)) {
+            $value = '*';
+          }
+          $allowed_html_settings[$tag][$name] = $value;
+        }
+      }
+    }
+
+    return $allowed_html_settings;
+  }
+
+  /**
+   * Generate a string to represent the allowed HTML.
+   *
+   * @param array $allowed_html_settings
+   *   The allowed HTML
+   * @return string
+   */
+  public static function generateString($allowed_html_settings) {
+    $allowed_html_tags = [];
+    foreach ($allowed_html_settings as $tag => $attributes) {
+      $attribute_strings = [];
+      foreach ($attributes as $attribute => $value) {
+        $attribute_strings[] = $value === '*' ? $attribute : sprintf('%s="%s"', $attribute, $value);
+      }
+      $allowed_html_tags[] = sprintf('<%s%s%s>', $tag, count($attribute_strings) > 0 ? ' ' : '', implode(' ', $attribute_strings));
+    }
+    return implode(' ', $allowed_html_tags);
+  }
+
+}
diff --git a/core/modules/filter/src/Plugin/Filter/FilterHtml.php b/core/modules/filter/src/Plugin/Filter/FilterHtml.php
index 882bcc0..0242dc9 100644
--- a/core/modules/filter/src/Plugin/Filter/FilterHtml.php
+++ b/core/modules/filter/src/Plugin/Filter/FilterHtml.php
@@ -5,6 +5,7 @@
 use Drupal\Component\Utility\Xss;
 use Drupal\Core\Form\FormStateInterface;
 use Drupal\Component\Utility\Html;
+use Drupal\filter\FilterHtmlAllowedMarkupSchema;
 use Drupal\filter\FilterProcessResult;
 use Drupal\filter\Plugin\FilterBase;
 
@@ -15,12 +16,14 @@
  * by only having the attribute name, or allowing a fixed list of values, or
  * allowing a value with a wildcard prefix.
  *
+ * @todo, figure out how to set allowed_html without forcing certain elements.
+ *
  * @Filter(
  *   id = "filter_html",
  *   title = @Translation("Limit allowed HTML tags and correct faulty HTML"),
  *   type = Drupal\filter\Plugin\FilterInterface::TYPE_HTML_RESTRICTOR,
  *   settings = {
- *     "allowed_html" = "<a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type='1 A I'> <li> <dl> <dt> <dd> <h2 id='jump-*'> <h3 id> <h4 id> <h5 id> <h6 id>",
+ *     "allowed_html" = {},
  *     "filter_html_help" = TRUE,
  *     "filter_html_nofollow" = FALSE
  *   },
@@ -45,6 +48,10 @@ public function settingsForm(array $form, FormStateInterface $form_state) {
       '#title' => $this->t('Allowed HTML tags'),
       '#default_value' => $this->settings['allowed_html'],
       '#description' => $this->t('A list of HTML tags that can be used. By default only the <em>lang</em> and <em>dir</em> attributes are allowed for all HTML tags. Each HTML tag may have attributes which are treated as allowed attribute names for that HTML tag. Each attribute may allow all values, or only allow specific values. Attribute names or values may be written as a prefix and wildcard like <em>jump-*</em>. JavaScript event attributes, JavaScript URLs, and CSS are always stripped.'),
+      '#value_callback' => [$this, 'allowedHtmlValueCallback'],
+      '#pre_render' => [
+        [$this, 'preRenderAllowedHtml'],
+      ],
       '#attached' => [
         'library' => [
           'filter/drupal.filter.filter_html.admin',
@@ -65,15 +72,24 @@ public function settingsForm(array $form, FormStateInterface $form_state) {
   }
 
   /**
+   * Value callback for the allowed_html field.
+   */
+  public function allowedHtmlValueCallback($element, $input, FormStateInterface $form_state) {
+    return $input === FALSE ? $element['#default_value'] : FilterHtmlAllowedMarkupSchema::generateSettings($input);
+  }
+
+  /**
+   * Pre render callback for the allowed_html element.
+   */
+  public function preRenderAllowedHtml($element) {
+    $element['#value'] = FilterHtmlAllowedMarkupSchema::generateString($element['#value']);
+    return $element;
+  }
+
+  /**
    * {@inheritdoc}
    */
   public function setConfiguration(array $configuration) {
-    if (isset($configuration['settings']['allowed_html'])) {
-      // The javascript in core/modules/filter/filter.filter_html.admin.js
-      // removes new lines and double spaces so, for consistency when javascript
-      // is disabled, remove them.
-      $configuration['settings']['allowed_html'] = preg_replace('/\s+/', ' ', $configuration['settings']['allowed_html']);
-    }
     parent::setConfiguration($configuration);
     // Force restrictions to be calculated again.
     $this->restrictions = NULL;
@@ -251,33 +267,16 @@ public function getHTMLRestrictions() {
     // specific.
     $restrictions = ['allowed' => []];
 
-    // Make all the tags self-closing, so they will be parsed into direct
-    // children of the body tag in the DomDocument.
-    $html = str_replace('>', ' />', $this->settings['allowed_html']);
-    // Protect any trailing * characters in attribute names, since DomDocument
-    // strips them as invalid.
-    $star_protector = '__zqh6vxfbk3cg__';
-    $html = str_replace('*', $star_protector, $html);
-    $body_child_nodes = Html::load($html)->getElementsByTagName('body')->item(0)->childNodes;
-
-    foreach ($body_child_nodes as $node) {
-      if ($node->nodeType !== XML_ELEMENT_NODE) {
-        // Skip the empty text nodes inside tags.
-        continue;
+    foreach ($this->settings['allowed_html'] as $element_name => $element_attributes) {
+      // If no attributes are specified, the element is allowed, but with
+      // no attributes.
+      if (empty($element_attributes)) {
+        $restrictions['allowed'][$element_name] = FALSE;
       }
-      $tag = $node->tagName;
-      if ($node->hasAttributes()) {
-        // Mark the tag as allowed, assigning TRUE for each attribute name if
-        // all values are allowed, or an array of specific allowed values.
-        $restrictions['allowed'][$tag] = [];
-        // Iterate over any attributes, and mark them as allowed.
-        foreach ($node->attributes as $name => $attribute) {
-          // Put back any trailing * on wildcard attribute name.
-          $name = str_replace($star_protector, '*', $name);
-
-          // Put back any trailing * on wildcard attribute value and parse out
-          // the allowed attribute values.
-          $allowed_attribute_values = preg_split('/\s+/', str_replace($star_protector, '*', $attribute->value), -1, PREG_SPLIT_NO_EMPTY);
+      else {
+        foreach ($element_attributes as $attribute_name => $attribute_value) {
+          // Parse the allowed attribute values.
+          $allowed_attribute_values = preg_split('/\s+/', $attribute_value, -1, PREG_SPLIT_NO_EMPTY);
 
           // Sanitize the attribute value: it lists the allowed attribute values
           // but one allowed attribute value that some may be tempted to use
@@ -285,25 +284,21 @@ public function getHTMLRestrictions() {
           // allowed attribute values with a wildcard. A wildcard by itself
           // would mean whitelisting all possible attribute values. But in that
           // case, one would not specify an attribute value at all.
-          $allowed_attribute_values = array_filter($allowed_attribute_values, function ($value) use ($star_protector) { return $value !== '*'; });
+          $allowed_attribute_values = array_filter($allowed_attribute_values, function ($value) { return $value !== '*'; });
 
           if (empty($allowed_attribute_values)) {
             // If the value is the empty string all values are allowed.
-            $restrictions['allowed'][$tag][$name] = TRUE;
+            $restrictions['allowed'][$element_name][$attribute_name] = TRUE;
           }
           else {
             // A non-empty attribute value is assigned, mark each of the
             // specified attribute values as allowed.
-            foreach ($allowed_attribute_values as $value) {
-              $restrictions['allowed'][$tag][$name][$value] = TRUE;
+            foreach ($allowed_attribute_values as $allowed_attribute_value) {
+              $restrictions['allowed'][$element_name][$attribute_name][$allowed_attribute_value] = TRUE;
             }
           }
         }
       }
-      else {
-        // Mark the tag as allowed, but with no attributes allowed.
-        $restrictions['allowed'][$tag] = FALSE;
-      }
     }
 
     // The 'style' and 'on*' ('onClick' etc.) attributes are always forbidden,
@@ -339,7 +334,7 @@ public function tips($long = FALSE) {
     if (!($allowed_html = $this->settings['allowed_html'])) {
       return;
     }
-    $output = $this->t('Allowed HTML tags: @tags', ['@tags' => $allowed_html]);
+    $output = $this->t('Allowed HTML tags: @tags', ['@tags' => FilterHtmlAllowedMarkupSchema::generateString($allowed_html)]);
     if (!$long) {
       return $output;
     }
diff --git a/core/modules/filter/src/Plugin/migrate/process/FilterSettings.php b/core/modules/filter/src/Plugin/migrate/process/FilterSettings.php
index 2350426..bfd0d90 100644
--- a/core/modules/filter/src/Plugin/migrate/process/FilterSettings.php
+++ b/core/modules/filter/src/Plugin/migrate/process/FilterSettings.php
@@ -2,6 +2,7 @@
 
 namespace Drupal\filter\Plugin\migrate\process;
 
+use Drupal\filter\FilterHtmlAllowedMarkupSchema;
 use Drupal\migrate\ProcessPluginBase;
 use Drupal\migrate\MigrateExecutableInterface;
 use Drupal\migrate\Row;
@@ -43,6 +44,7 @@ public function transform($value, MigrateExecutableInterface $migrate_executable
     // Only the filter_html filter's settings have a changed format.
     if ($row->getDestinationProperty('id') === 'filter_html') {
       $value['allowed_html'] = str_replace(array_keys($this->allowedHtmlDefaultAttributes), array_values($this->allowedHtmlDefaultAttributes), $value['allowed_html']);
+      $value['allowed_html'] = FilterHtmlAllowedMarkupSchema::generateSettings($value['allowed_html']);
     }
     return $value;
   }
diff --git a/core/modules/filter/src/Tests/FilterAdminTest.php b/core/modules/filter/src/Tests/FilterAdminTest.php
index aceeff5..37654ea 100644
--- a/core/modules/filter/src/Tests/FilterAdminTest.php
+++ b/core/modules/filter/src/Tests/FilterAdminTest.php
@@ -52,7 +52,13 @@ protected function setUp() {
         'filter_html' => [
           'status' => 1,
           'settings' => [
-            'allowed_html' => '<p> <br> <strong> <a> <em>',
+            'allowed_html' => [
+              'p' => [],
+              'br' => [],
+              'strong' => [],
+              'a' => [],
+              'em' => [],
+            ],
           ],
         ],
       ],
@@ -66,7 +72,12 @@ protected function setUp() {
           'status' => TRUE,
           'weight' => -10,
           'settings' => [
-            'allowed_html' => '<p> <br> <strong> <a> <em> <h4>',
+            'p' => [],
+            'br' => [],
+            'strong' => [],
+            'a' => [],
+            'em' => [],
+            'h4' => [],
           ],
         ],
         'filter_autop' => [
diff --git a/core/modules/filter/src/Tests/FilterHtmlImageSecureTest.php b/core/modules/filter/src/Tests/FilterHtmlImageSecureTest.php
index 249021a..9ec60ba 100644
--- a/core/modules/filter/src/Tests/FilterHtmlImageSecureTest.php
+++ b/core/modules/filter/src/Tests/FilterHtmlImageSecureTest.php
@@ -41,7 +41,13 @@ protected function setUp() {
         'filter_html' => [
           'status' => 1,
           'settings' => [
-            'allowed_html' => '<img src testattribute> <a>',
+            'allowed_html' => [
+              'img' => [
+                'src' => '*',
+                'testattribute' => '*',
+              ],
+              'a' => [],
+            ],
           ],
         ],
         'filter_autop' => [
diff --git a/core/modules/filter/src/Tests/Update/FilterHtmlSchemaUpdateTest.php b/core/modules/filter/src/Tests/Update/FilterHtmlSchemaUpdateTest.php
new file mode 100644
index 0000000..863555b
--- /dev/null
+++ b/core/modules/filter/src/Tests/Update/FilterHtmlSchemaUpdateTest.php
@@ -0,0 +1,61 @@
+<?php
+
+namespace Drupal\filter\Tests\Update;
+
+use Drupal\filter\Entity\FilterFormat;
+use Drupal\system\Tests\Update\UpdatePathTestBase;
+
+/**
+ * Test the filter html plugin schema update path.
+ *
+ * @group filter
+ */
+class FilterHtmlSchemaUpdateTest extends UpdatePathTestBase {
+
+  /**
+   * {@inheritdoc}
+   */
+  protected function setDatabaseDumpFiles() {
+    $this->databaseDumpFiles = [
+      __DIR__ . '/../../../../system/tests/fixtures/update/drupal-8.bare.standard.php.gz',
+      __DIR__ . '/../../../tests/fixtures/update/drupal-8.filter-html-updated-schema-2871354.php',
+    ];
+  }
+
+  /**
+   * Test the schema update.
+   */
+  public function testSchemaUpdate() {
+    $this->runUpdates();
+
+    $filter = FilterFormat::load('test_format');
+    $filter_html_configuration = $filter->filters('filter_html')->getConfiguration();
+
+    $this->assertEqual([
+      'no-attributes' => [],
+      'single-attribute' => [
+          'foo' => '*',
+      ],
+      'attribute-with-value' => [
+        'foo' => 'bar',
+      ],
+      'multiple-attributes' => [
+        'foo' => 'value',
+        'bar' => 'value',
+      ],
+      'wildcard-attributes' => [
+        '*' => '*',
+      ],
+      'wildcard-attribute-name' => [
+        'data-*' => '*',
+      ],
+      'wildcard-attribute-name-with-value' => [
+        'data-*' => 'foo',
+      ],
+      'wildcard-attribute-value' => [
+        'foo' => '*',
+      ],
+    ], $filter_html_configuration['settings']['allowed_html']);
+  }
+
+}
diff --git a/core/modules/filter/tests/filter_test/config/install/filter.format.filtered_html.yml b/core/modules/filter/tests/filter_test/config/install/filter.format.filtered_html.yml
index ba403db..a35c48e 100644
--- a/core/modules/filter/tests/filter_test/config/install/filter.format.filtered_html.yml
+++ b/core/modules/filter/tests/filter_test/config/install/filter.format.filtered_html.yml
@@ -12,4 +12,10 @@ filters:
     provider: filter
     status: true
     settings:
-      allowed_html: '<p> <br> <strong> <a href hreflang>'
+      allowed_html:
+        p: {  }
+        br: {  }
+        strong: {  }
+        a:
+          href: '*'
+          hreflang: '*'
diff --git a/core/modules/filter/tests/fixtures/update/drupal-8.filter-html-updated-schema-2871354.php b/core/modules/filter/tests/fixtures/update/drupal-8.filter-html-updated-schema-2871354.php
new file mode 100644
index 0000000..3a0467a
--- /dev/null
+++ b/core/modules/filter/tests/fixtures/update/drupal-8.filter-html-updated-schema-2871354.php
@@ -0,0 +1,49 @@
+<?php
+
+/**
+ * @file
+ * Contains database additions for testing the upgrade path for 2871354.
+ */
+
+use Drupal\Core\Database\Database;
+
+$connection = Database::getConnection();
+
+$formats = [
+  'test_format' => [
+    'langcode' => 'en',
+    'status' => TRUE,
+    'dependencies' => [],
+    'name' => 'Test Filter',
+    'format' => 'test_format',
+    'weight' => 0,
+    'filters' => [
+      'filter_html' => [
+        'id' => 'filter_html',
+        'provider' => 'filter',
+        'status' => TRUE,
+        'weight' => -10,
+        'settings' => [
+          'allowed_html' => '<no-attributes> <single-attribute foo> <attribute-with-value foo="bar"> <multiple-attributes foo="value" bar="value"> <wildcard-attributes *> <wildcard-attribute-name data-*> <wildcard-attribute-name-with-value data-*="foo"> <wildcard-attribute-value foo="*">',
+          'filter_html_help' => FALSE,
+          'filter_html_nofollow' => FALSE,
+        ],
+      ],
+    ],
+  ],
+];
+
+foreach ($formats as $id => $format) {
+  $connection->insert('config')
+    ->fields([
+      'collection',
+      'name',
+      'data',
+    ])
+    ->values([
+      'collection' => '',
+      'name' => 'filter.format.' . $id,
+      'data' => serialize($format),
+    ])
+    ->execute();
+}
diff --git a/core/modules/filter/tests/src/Kernel/FilterAPITest.php b/core/modules/filter/tests/src/Kernel/FilterAPITest.php
index 2203bbe..3f2c710 100644
--- a/core/modules/filter/tests/src/Kernel/FilterAPITest.php
+++ b/core/modules/filter/tests/src/Kernel/FilterAPITest.php
@@ -45,7 +45,9 @@ public function testCheckMarkupFilterOrder() {
           'weight' => -10,
           'status' => 1,
           'settings' => [
-            'allowed_html' => '<p>',
+            'allowed_html' => [
+              'p' => [],
+            ],
           ],
         ],
       ]
@@ -141,7 +143,7 @@ public function testFilterFormatAPI() {
         'filter_html' => [
           'status' => 1,
           'settings' => [
-            'allowed_html' => '', // Nothing is allowed.
+            'allowed_html' => [], // Nothing is allowed.
           ],
         ],
       ],
@@ -167,7 +169,14 @@ public function testFilterFormatAPI() {
         'filter_html' => [
           'status' => 1,
           'settings' => [
-            'allowed_html' => '<p> <br> <a href> <strong>',
+            'allowed_html' => [
+              'p' => [],
+              'br' => [],
+              'a' => [
+                'href' => '*',
+              ],
+              'strong' => [],
+            ],
           ],
         ],
         'filter_test_restrict_tags_and_attributes' => [
@@ -214,7 +223,18 @@ public function testFilterFormatAPI() {
         'filter_html' => [
           'status' => 1,
           'settings' => [
-            'allowed_html' => '<a> <b class> <c class="*"> <d class="foo bar-* *">',
+            'allowed_html' => [
+              'a' => [],
+              'b' => [
+                'class' => '*',
+              ],
+              'c' => [
+                'class' => '*',
+              ],
+              'd' => [
+                'class' => 'foo bar-* *',
+              ],
+            ],
           ],
         ],
       ]
@@ -410,7 +430,9 @@ public function testFilterFormatPreSave() {
           'weight' => -10,
           'status' => 1,
           'settings' => [
-            'allowed_html' => '<p>',
+            'allowed_html' => [
+              'p' => [],
+            ],
           ],
         ],
       ]
diff --git a/core/modules/filter/tests/src/Kernel/FilterKernelTest.php b/core/modules/filter/tests/src/Kernel/FilterKernelTest.php
index cf72bbe..451a54b 100644
--- a/core/modules/filter/tests/src/Kernel/FilterKernelTest.php
+++ b/core/modules/filter/tests/src/Kernel/FilterKernelTest.php
@@ -192,7 +192,13 @@ public function testCaptionFilter() {
     $html_filter = $this->filters['filter_html'];
     $html_filter->setConfiguration([
       'settings' => [
-        'allowed_html' => '<img src data-align data-caption>',
+        'allowed_html' => [
+          'img' => [
+            'src' => '*',
+            'data-align' => '*',
+            'data-caption' => '*',
+          ],
+        ],
         'filter_html_help' => 1,
         'filter_html_nofollow' => 0,
       ]
@@ -408,7 +414,22 @@ public function testHtmlFilter() {
     $filter = $this->filters['filter_html'];
     $filter->setConfiguration([
       'settings' => [
-        'allowed_html' => '<a> <p> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd> <br>',
+        'allowed_html' => [
+          'a' => [],
+          'p' => [],
+          'em' => [],
+          'strong' => [],
+          'cite' => [],
+          'blockquote' => [],
+          'code' => [],
+          'ul' => [],
+          'ol' => [],
+          'li' => [],
+          'dl' => [],
+          'dt' => [],
+          'dd' => [],
+          'br' => [],
+        ],
         'filter_html_help' => 1,
         'filter_html_nofollow' => 0,
       ]
@@ -463,10 +484,27 @@ public function testHtmlFilter() {
     // Now whitelist the "llama" attribute on <a>.
     $filter->setConfiguration([
       'settings' => [
-        'allowed_html' => '<a href llama> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd> <br>',
+        'allowed_html' => [
+          'a' => [
+            'href' => '*',
+            'llama' => '*',
+          ],
+          'em' => [],
+          'strong' => [],
+          'cite' => [],
+          'blockquote' => [],
+          'code' => [],
+          'ul' => [],
+          'ol' => [],
+          'li' => [],
+          'dl' => [],
+          'dt' => [],
+          'dd' => [],
+          'br' => [],
+        ],
         'filter_html_help' => 1,
         'filter_html_nofollow' => 0,
-      ]
+      ],
     ]);
     $f = (string) $filter->process('<a kitten="cute" llama="awesome">link</a>', Language::LANGCODE_NOT_SPECIFIED);
     $this->assertNormalized($f, '<a llama="awesome">link</a>', 'HTML filter keeps explicitly allowed attributes, and removes attributes that are not explicitly allowed.');
@@ -475,7 +513,24 @@ public function testHtmlFilter() {
     // "majestical", or "epic".
     $filter->setConfiguration([
       'settings' => [
-        'allowed_html' => '<a href llama="majestical epic"> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd> <br>',
+        'allowed_html' => [
+          'a' => [
+            'href' => '*',
+            'llama' => 'majestical epic',
+          ],
+          'em' => [],
+          'strong' => [],
+          'cite' => [],
+          'blockquote' => [],
+          'code' => [],
+          'ul' => [],
+          'ol' => [],
+          'li' => [],
+          'dl' => [],
+          'dt' => [],
+          'dd' => [],
+          'br' => [],
+        ],
         'filter_html_help' => 1,
         'filter_html_nofollow' => 0,
       ]
@@ -498,7 +553,11 @@ public function testNoFollowFilter() {
     $filter = $this->filters['filter_html'];
     $filter->setConfiguration([
       'settings' => [
-        'allowed_html' => '<a href>',
+        'allowed_html' => [
+          'a' => [
+            'href' => '*',
+          ],
+        ],
         'filter_html_help' => 1,
         'filter_html_nofollow' => 1,
       ]
diff --git a/core/modules/filter/tests/src/Kernel/Migrate/d6/MigrateFilterFormatTest.php b/core/modules/filter/tests/src/Kernel/Migrate/d6/MigrateFilterFormatTest.php
index 81faf3e..82dfb48 100644
--- a/core/modules/filter/tests/src/Kernel/Migrate/d6/MigrateFilterFormatTest.php
+++ b/core/modules/filter/tests/src/Kernel/Migrate/d6/MigrateFilterFormatTest.php
@@ -40,7 +40,27 @@ public function testFilterFormat() {
     $this->assertFalse(isset($filters['filter_html_image_secure']));
 
     // Check variables migrated into filter.
-    $this->assertSame('<a href hreflang> <em> <strong> <cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd>', $filters['filter_html']['settings']['allowed_html']);
+    $this->assertSame([
+      'a' => [
+        'href' => '*',
+        'hreflang' => '*',
+      ],
+      'em' => [],
+      'strong' => [],
+      'cite' => [],
+      'code' => [],
+      'ul' => [
+        'type' => '*',
+      ],
+      'ol' => [
+        'start' => '*',
+        'type' => '*',
+      ],
+      'li' => [],
+      'dl' => [],
+      'dt' => [],
+      'dd' => [],
+    ], $filters['filter_html']['settings']['allowed_html']);
     $this->assertSame(TRUE, $filters['filter_html']['settings']['filter_html_help']);
     $this->assertSame(FALSE, $filters['filter_html']['settings']['filter_html_nofollow']);
     $this->assertSame(72, $filters['filter_url']['settings']['filter_url_length']);
diff --git a/core/modules/filter/tests/src/Kernel/Migrate/d7/MigrateFilterFormatTest.php b/core/modules/filter/tests/src/Kernel/Migrate/d7/MigrateFilterFormatTest.php
index 0f54245..cd2d392 100644
--- a/core/modules/filter/tests/src/Kernel/Migrate/d7/MigrateFilterFormatTest.php
+++ b/core/modules/filter/tests/src/Kernel/Migrate/d7/MigrateFilterFormatTest.php
@@ -70,7 +70,28 @@ public function testFilterFormat() {
     $format = FilterFormat::load('filtered_html');
     $this->assertInstanceOf(FilterFormatInterface::class, $format);
     $config = $format->filters('filter_html')->getConfiguration();
-    $this->assertSame('<div> <span> <ul type> <li> <ol start type> <a href hreflang> <img src alt height width>', $config['settings']['allowed_html']);
+    $this->assertSame([
+      'div' => [],
+      'span' => [],
+      'ul' => [
+        'type' => '*',
+      ],
+      'li' => [],
+      'ol' => [
+        'start' => '*',
+        'type' => '*',
+      ],
+      'a' => [
+        'href' => '*',
+        'hreflang' => '*',
+      ],
+      'img' => [
+        'src' => '*',
+        'alt' => '*',
+        'height' => '*',
+        'width' => '*',
+      ],
+    ], $config['settings']['allowed_html']);
     $config = $format->filters('filter_url')->getConfiguration();
     $this->assertSame(128, $config['settings']['filter_url_length']);
 
diff --git a/core/modules/filter/tests/src/Unit/FilterHtmlTest.php b/core/modules/filter/tests/src/Unit/FilterHtmlTest.php
index 664c2a3..3ddde35 100644
--- a/core/modules/filter/tests/src/Unit/FilterHtmlTest.php
+++ b/core/modules/filter/tests/src/Unit/FilterHtmlTest.php
@@ -22,7 +22,33 @@ class FilterHtmlTest extends UnitTestCase {
   protected function setUp() {
     parent::setUp();
     $configuration['settings'] = [
-      'allowed_html' => '<a href> <p> <em> <strong> <cite> <blockquote> <code class="pretty boring align-*"> <ul alpaca-*="wooly-* strong"> <ol llama-*> <li> <dl> <dt> <dd> <br> <h3 id>',
+      'allowed_html' => [
+        'a' => [
+          'href' => '*',
+        ],
+        'p' => [],
+        'em' => [],
+        'strong' => [],
+        'cite' => [],
+        'blockquote' => [],
+        'code' => [
+          'class' => "pretty boring align-*",
+        ],
+        'ul' => [
+          'alpaca-*' => "wooly-* strong",
+        ],
+        'ol' => [
+          'llama-*' => '*',
+        ],
+        'li' => [],
+        'dl' => [],
+        'dt' => [],
+        'dd' => [],
+        'br' => [],
+        'h3' => [
+          'id' => '*',
+        ],
+      ],
       'filter_html_help' => 1,
       'filter_html_nofollow' => 0,
     ];
@@ -79,18 +105,4 @@ public function providerFilterAttributes() {
     ];
   }
 
-  /**
-   * @covers ::setConfiguration
-   */
-  public function testSetConfiguration() {
-    $configuration['settings'] = [
-      // New lines and spaces are replaced with a single space.
-      'allowed_html' => "<a>  <br>\r\n  <p>",
-      'filter_html_help' => 1,
-      'filter_html_nofollow' => 0,
-    ];
-    $filter = new FilterHtml($configuration, 'filter_html', ['provider' => 'test']);
-    $this->assertSame('<a> <br> <p>', $filter->getConfiguration()['settings']['allowed_html']);
-  }
-
 }
diff --git a/core/modules/rest/tests/src/Functional/EntityResource/Editor/EditorResourceTestBase.php b/core/modules/rest/tests/src/Functional/EntityResource/Editor/EditorResourceTestBase.php
index 4eb4a6e..d19c703 100644
--- a/core/modules/rest/tests/src/Functional/EntityResource/Editor/EditorResourceTestBase.php
+++ b/core/modules/rest/tests/src/Functional/EntityResource/Editor/EditorResourceTestBase.php
@@ -48,7 +48,12 @@ protected function createEntity() {
         'filter_html' => [
           'status' => TRUE,
           'settings' => [
-            'allowed_html' => '<p> <a> <b> <lo>',
+            'allowed_html' => [
+              'p' => [],
+              'a' => [],
+              'b' => [],
+              'lo' => [],
+            ],
           ],
         ],
       ],
diff --git a/core/modules/rest/tests/src/Functional/EntityResource/FilterFormat/FilterFormatResourceTestBase.php b/core/modules/rest/tests/src/Functional/EntityResource/FilterFormat/FilterFormatResourceTestBase.php
index 4d65e00..5772343 100644
--- a/core/modules/rest/tests/src/Functional/EntityResource/FilterFormat/FilterFormatResourceTestBase.php
+++ b/core/modules/rest/tests/src/Functional/EntityResource/FilterFormat/FilterFormatResourceTestBase.php
@@ -41,7 +41,12 @@ protected function createEntity() {
         'filter_html' => [
           'status' => TRUE,
           'settings' => [
-            'allowed_html' => '<p> <a> <b> <lo>',
+            'allowed_html' => [
+              'p' => [],
+              'a' => [],
+              'b' => [],
+              'lo' => [],
+            ],
           ],
         ],
       ],
@@ -63,7 +68,12 @@ protected function getExpectedNormalizedEntity() {
           'status' => TRUE,
           'weight' => -10,
           'settings' => [
-            'allowed_html' => '<p> <a> <b> <lo>',
+            'allowed_html' => [
+              'p' => [],
+              'a' => [],
+              'b' => [],
+              'lo' => [],
+            ],
             'filter_html_help' => TRUE,
             'filter_html_nofollow' => FALSE,
           ],
diff --git a/core/profiles/standard/config/install/filter.format.basic_html.yml b/core/profiles/standard/config/install/filter.format.basic_html.yml
index 92224c2..566c2b1 100644
--- a/core/profiles/standard/config/install/filter.format.basic_html.yml
+++ b/core/profiles/standard/config/install/filter.format.basic_html.yml
@@ -15,7 +15,47 @@ filters:
     status: true
     weight: -10
     settings:
-      allowed_html: '<a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h2 id> <h3 id> <h4 id> <h5 id> <h6 id> <p> <br> <span> <img src alt height width data-entity-type data-entity-uuid data-align data-caption>'
+      allowed_html:
+        a:
+          href: '*'
+          hreflang: '*'
+        em: {  }
+        strong: {  }
+        cite: {  }
+        blockquote:
+          cite: '*'
+        code: {  }
+        ul:
+          type: '*'
+        ol:
+          start: '*'
+          type: '*'
+        li: {  }
+        dl: {  }
+        dt: {  }
+        dd: {  }
+        h2:
+          id: '*'
+        h3:
+          id: '*'
+        h4:
+          id: '*'
+        h5:
+          id: '*'
+        h6:
+          id: '*'
+        p: {  }
+        br: {  }
+        span: {  }
+        img:
+          src: '*'
+          alt: '*'
+          height: '*'
+          width: '*'
+          data-entity-type: '*'
+          data-entity-uuid: '*'
+          data-align: '*'
+          data-caption: '*'
       filter_html_help: false
       filter_html_nofollow: false
   filter_align:
diff --git a/core/profiles/standard/config/install/filter.format.restricted_html.yml b/core/profiles/standard/config/install/filter.format.restricted_html.yml
index 323d077..b7d4ded 100644
--- a/core/profiles/standard/config/install/filter.format.restricted_html.yml
+++ b/core/profiles/standard/config/install/filter.format.restricted_html.yml
@@ -13,7 +13,35 @@ filters:
     status: true
     weight: -10
     settings:
-      allowed_html: '<a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h2 id> <h3 id> <h4 id> <h5 id> <h6 id>'
+      allowed_html:
+        a:
+          href: '*'
+          hreflang: '*'
+        em: {  }
+        strong: {  }
+        cite: {  }
+        blockquote:
+          cite: '*'
+        code: {  }
+        ul:
+          type: '*'
+        ol:
+          start: '*'
+          type: '*'
+        li: {  }
+        dl: {  }
+        dt: {  }
+        dd: {  }
+        h2:
+          id: '*'
+        h3:
+          id: '*'
+        h4:
+          id: '*'
+        h5:
+          id: '*'
+        h6:
+          id: '*'
       filter_html_help: true
       filter_html_nofollow: false
   filter_autop: