diff --git a/core/modules/ckeditor/tests/modules/src/Kernel/CKEditorTest.php b/core/modules/ckeditor/tests/modules/src/Kernel/CKEditorTest.php
index 4fbead9..3de3c25 100644
--- a/core/modules/ckeditor/tests/modules/src/Kernel/CKEditorTest.php
+++ b/core/modules/ckeditor/tests/modules/src/Kernel/CKEditorTest.php
@@ -49,7 +49,22 @@ protected function setUp() {
         'filter_html' => [
           'status' => 1,
           'settings' => [
-            'allowed_html' => '<h2 id> <h3> <h4> <h5> <h6> <p> <br> <strong> <a href hreflang>',
+            'allowed_html' => [
+              'h2' => [
+                'id' => '*',
+              ],
+              'h3' => [],
+              'h4' => [],
+              'h5' => [],
+              'h6' => [],
+              'p' => [],
+              'br' => [],
+              'strong' => [],
+              'a' => [
+                'href' => '*',
+                'hreflang' => '*',
+              ],
+            ],
           ]
         ],
       ],
@@ -118,7 +133,18 @@ public function testGetJSSettings() {
     // Change the allowed HTML tags; the "allowedContent" and "format_tags"
     // settings for CKEditor should automatically be updated as well.
     $format = $editor->getFilterFormat();
-    $format->filters('filter_html')->settings['allowed_html'] .= '<pre class> <h1> <blockquote class="*"> <address class="foo bar-* *">';
+    $format->filters('filter_html')->settings['allowed_html'] += [
+      'pre' => [
+        'class' => '*',
+      ],
+      'h1' => [],
+      'blockquote' => [
+        'class' => '*',
+      ],
+      'address' => [
+        'class' => 'foo bar-* *',
+      ],
+    ];
     $format->save();
 
     $expected_config['allowedContent']['pre'] = ['attributes' => 'class', 'styles' => FALSE, 'classes' => TRUE];
diff --git a/core/modules/ckeditor/tests/src/Kernel/Plugin/CKEditorPlugin/InternalTest.php b/core/modules/ckeditor/tests/src/Kernel/Plugin/CKEditorPlugin/InternalTest.php
index aecc228..87f8dc4 100644
--- a/core/modules/ckeditor/tests/src/Kernel/Plugin/CKEditorPlugin/InternalTest.php
+++ b/core/modules/ckeditor/tests/src/Kernel/Plugin/CKEditorPlugin/InternalTest.php
@@ -115,7 +115,10 @@ public function formatTagsSettingsTestCases() {
           'filter_html' => [
             'status' => 1,
             'settings' => [
-              'allowed_html' => '<h1> <h2>',
+              'allowed_html' => [
+                'h1' => [],
+                'h2' => [],
+              ],
               'filter_html_help' => 1,
               'filter_html_nofollow' => 0,
             ],
diff --git a/core/modules/editor/src/Tests/EditorSecurityTest.php b/core/modules/editor/src/Tests/EditorSecurityTest.php
index d00fe0e..f1991d9 100644
--- a/core/modules/editor/src/Tests/EditorSecurityTest.php
+++ b/core/modules/editor/src/Tests/EditorSecurityTest.php
@@ -92,7 +92,17 @@ protected function setUp() {
         'filter_html' => [
           'status' => 1,
           'settings' => [
-            'allowed_html' => '<h2> <h3> <h4> <h5> <h6> <p> <br> <strong> <a>',
+            'allowed_html' => [
+              'h2' => [],
+              'h3' => [],
+              'h4' => [],
+              'h5' => [],
+              'h6' => [],
+              'p' => [],
+              'br' => [],
+              'strong' => [],
+              'a' => [],
+            ],
           ]
         ],
       ],
@@ -107,7 +117,17 @@ protected function setUp() {
         'filter_html' => [
           'status' => 1,
           'settings' => [
-            'allowed_html' => '<h2> <h3> <h4> <h5> <h6> <p> <br> <strong> <a>',
+            'allowed_html' => [
+              'h2' => [],
+              'h3' => [],
+              'h4' => [],
+              'h5' => [],
+              'h6' => [],
+              'p' => [],
+              'br' => [],
+              'strong' => [],
+              'a' => [],
+            ],
           ]
         ],
       ],
@@ -127,7 +147,18 @@ protected function setUp() {
         'filter_html' => [
           'status' => 1,
           'settings' => [
-            'allowed_html' => '<h2> <h3> <h4> <h5> <h6> <p> <br> <strong> <a> <embed>',
+            'allowed_html' => [
+              'h2' => [],
+              'h3' => [],
+              'h4' => [],
+              'h5' => [],
+              'h6' => [],
+              'p' => [],
+              'br' => [],
+              'strong' => [],
+              'a' => [],
+              'embed' => [],
+            ],
           ]
         ],
       ],
diff --git a/core/modules/editor/tests/editor_private_test/config/install/filter.format.private_images.yml b/core/modules/editor/tests/editor_private_test/config/install/filter.format.private_images.yml
index 261bd90..dc4dd04 100644
--- a/core/modules/editor/tests/editor_private_test/config/install/filter.format.private_images.yml
+++ b/core/modules/editor/tests/editor_private_test/config/install/filter.format.private_images.yml
@@ -15,7 +15,12 @@ filters:
     status: false
     weight: -10
     settings:
-      allowed_html: '<img src alt data-entity-type data-entity-uuid>'
+      allowed_html:
+        img:
+          src: '*'
+          alt: '*'
+          data-entity-type: '*'
+          data-entity-uuid: '*'
       filter_html_help: true
       filter_html_nofollow: false
 dependencies:
diff --git a/core/modules/filter/config/schema/filter.schema.yml b/core/modules/filter/config/schema/filter.schema.yml
index b45a475..6756f1e 100644
--- a/core/modules/filter/config/schema/filter.schema.yml
+++ b/core/modules/filter/config/schema/filter.schema.yml
@@ -51,8 +51,14 @@ filter_settings.filter_html:
   label: 'Filter HTML'
   mapping:
     allowed_html:
-      type: string
+      type: sequence
       label: 'Allowed HTML'
+      sequence:
+        type: sequence
+        label: 'Attributes'
+        sequence:
+          type: string
+          label: 'Value'
     filter_html_help:
       type: boolean
       label: 'HTML help'
diff --git a/core/modules/filter/filter.install b/core/modules/filter/filter.install
new file mode 100644
index 0000000..92a460c
--- /dev/null
+++ b/core/modules/filter/filter.install
@@ -0,0 +1,35 @@
+<?php
+
+/**
+ * @file
+ * Install, update and uninstall functions for the filter module.
+ */
+
+use Drupal\filter\Plugin\Filter\FilterHtml;
+
+/**
+ * Implements hook_update_dependencies().
+ */
+function filter_update_dependencies() {
+  // Run the system install hook to add extra attributes to HTML tags before
+  // updating the schema.
+  $dependencies['filter'][8001] = [
+    'system' => 8009,
+  ];
+}
+
+/**
+ * Update the filter_html filter format schema.
+ */
+function filter_update_8001() {
+  $config_factory = \Drupal::configFactory();
+  foreach ($config_factory->listAll('filter.format.') as $name) {
+    $filter = $config_factory->getEditable($name);
+    $allowed_html = $filter->get('filters.filter_html.settings.allowed_html');
+    if ($allowed_html !== NULL) {
+      $updated_allowed_html = FilterHtml::convertAllowedHtmlStringToArray($allowed_html);
+      $filter->set('filters.filter_html.settings.allowed_html', $updated_allowed_html);
+      $filter->save();
+    }
+  }
+}
diff --git a/core/modules/filter/src/Plugin/Filter/FilterHtml.php b/core/modules/filter/src/Plugin/Filter/FilterHtml.php
index 882bcc0..c4ccc1d 100644
--- a/core/modules/filter/src/Plugin/Filter/FilterHtml.php
+++ b/core/modules/filter/src/Plugin/Filter/FilterHtml.php
@@ -5,6 +5,7 @@
 use Drupal\Component\Utility\Xss;
 use Drupal\Core\Form\FormStateInterface;
 use Drupal\Component\Utility\Html;
+use Drupal\filter\FilterHtmlAllowedMarkupSchema;
 use Drupal\filter\FilterProcessResult;
 use Drupal\filter\Plugin\FilterBase;
 
@@ -20,7 +21,7 @@
  *   title = @Translation("Limit allowed HTML tags and correct faulty HTML"),
  *   type = Drupal\filter\Plugin\FilterInterface::TYPE_HTML_RESTRICTOR,
  *   settings = {
- *     "allowed_html" = "<a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type='1 A I'> <li> <dl> <dt> <dd> <h2 id='jump-*'> <h3 id> <h4 id> <h5 id> <h6 id>",
+ *     "allowed_html" = TRUE,
  *     "filter_html_help" = TRUE,
  *     "filter_html_nofollow" = FALSE
  *   },
@@ -45,6 +46,10 @@ public function settingsForm(array $form, FormStateInterface $form_state) {
       '#title' => $this->t('Allowed HTML tags'),
       '#default_value' => $this->settings['allowed_html'],
       '#description' => $this->t('A list of HTML tags that can be used. By default only the <em>lang</em> and <em>dir</em> attributes are allowed for all HTML tags. Each HTML tag may have attributes which are treated as allowed attribute names for that HTML tag. Each attribute may allow all values, or only allow specific values. Attribute names or values may be written as a prefix and wildcard like <em>jump-*</em>. JavaScript event attributes, JavaScript URLs, and CSS are always stripped.'),
+      '#value_callback' => [$this, 'allowedHtmlValueCallback'],
+      '#pre_render' => [
+        [$this, 'preRenderAllowedHtml'],
+      ],
       '#attached' => [
         'library' => [
           'filter/drupal.filter.filter_html.admin',
@@ -65,14 +70,32 @@ public function settingsForm(array $form, FormStateInterface $form_state) {
   }
 
   /**
+   * Value callback for the allowed_html field.
+   */
+  public function allowedHtmlValueCallback($element, $input, FormStateInterface $form_state) {
+    return $input === FALSE ? $element['#default_value'] : static::convertAllowedHtmlStringToArray($input);
+  }
+
+  /**
+   * Pre render callback for the allowed_html element.
+   */
+  public function preRenderAllowedHtml($element) {
+    $element['#value'] = static::convertAllowedHtmlArrayToString($element['#value']);
+    return $element;
+  }
+
+  /**
    * {@inheritdoc}
    */
   public function setConfiguration(array $configuration) {
-    if (isset($configuration['settings']['allowed_html'])) {
-      // The javascript in core/modules/filter/filter.filter_html.admin.js
-      // removes new lines and double spaces so, for consistency when javascript
-      // is disabled, remove them.
-      $configuration['settings']['allowed_html'] = preg_replace('/\s+/', ' ', $configuration['settings']['allowed_html']);
+    // The allowed_html setting is stored as an array of elements and
+    // attributes. The default annotation configuration for a plugin is merged
+    // into the actual configuration. So that we can support a default
+    // configuration that isn't merged and thus certain elements forced to be
+    // enabled, only set the configuration when allowed_html is TRUE as
+    // specified in the annotation.
+    if (!isset($configuration['settings']['allowed_html']) || $configuration['settings']['allowed_html'] === TRUE) {
+      $configuration['settings']['allowed_html'] = $this->defaultConfiguration()['settings']['allowed_html'];
     }
     parent::setConfiguration($configuration);
     // Force restrictions to be calculated again.
@@ -82,6 +105,53 @@ public function setConfiguration(array $configuration) {
   /**
    * {@inheritdoc}
    */
+  public function defaultConfiguration() {
+    $default_configuration = parent::defaultConfiguration();
+    $default_configuration['settings']['allowed_html'] = [
+      'a' => [
+        'href' => '*',
+        'hreflang' => '*',
+      ],
+      'em' => [],
+      'strong' => [],
+      'cite' => [],
+      'blockquote' => [
+        'cite' => '*',
+      ],
+      'code' => [],
+      'ul' => [
+        'type' => '*',
+      ],
+      'ol' => [
+        'start' => '*',
+        'type' => '1 A I',
+      ],
+      'li' => [],
+      'dl' => [],
+      'dt' => [],
+      'dd' => [],
+      'h2' => [
+        'id' => 'jump-*',
+      ],
+      'h3' => [
+        'id' => '*',
+      ],
+      'h4' => [
+        'id' => '*',
+      ],
+      'h5' => [
+        'id' => '*',
+      ],
+      'h6' => [
+        'id' => '*',
+      ],
+    ];
+    return $default_configuration;
+  }
+
+  /**
+   * {@inheritdoc}
+   */
   public function process($text, $langcode) {
     $restrictions = $this->getHtmlRestrictions();
     // Split the work into two parts. For filtering HTML tags out of the content
@@ -251,33 +321,13 @@ public function getHTMLRestrictions() {
     // specific.
     $restrictions = ['allowed' => []];
 
-    // Make all the tags self-closing, so they will be parsed into direct
-    // children of the body tag in the DomDocument.
-    $html = str_replace('>', ' />', $this->settings['allowed_html']);
-    // Protect any trailing * characters in attribute names, since DomDocument
-    // strips them as invalid.
-    $star_protector = '__zqh6vxfbk3cg__';
-    $html = str_replace('*', $star_protector, $html);
-    $body_child_nodes = Html::load($html)->getElementsByTagName('body')->item(0)->childNodes;
-
-    foreach ($body_child_nodes as $node) {
-      if ($node->nodeType !== XML_ELEMENT_NODE) {
-        // Skip the empty text nodes inside tags.
-        continue;
-      }
-      $tag = $node->tagName;
-      if ($node->hasAttributes()) {
-        // Mark the tag as allowed, assigning TRUE for each attribute name if
-        // all values are allowed, or an array of specific allowed values.
-        $restrictions['allowed'][$tag] = [];
-        // Iterate over any attributes, and mark them as allowed.
-        foreach ($node->attributes as $name => $attribute) {
-          // Put back any trailing * on wildcard attribute name.
-          $name = str_replace($star_protector, '*', $name);
-
-          // Put back any trailing * on wildcard attribute value and parse out
-          // the allowed attribute values.
-          $allowed_attribute_values = preg_split('/\s+/', str_replace($star_protector, '*', $attribute->value), -1, PREG_SPLIT_NO_EMPTY);
+    foreach ($this->settings['allowed_html'] as $element_name => $element_attributes) {
+      // If no attributes are specified, the element is allowed, but with
+      // no attributes.
+      if (!empty($element_attributes)) {
+        foreach ($element_attributes as $attribute_name => $attribute_value) {
+          // Parse the allowed attribute values.
+          $allowed_attribute_values = preg_split('/\s+/', $attribute_value, -1, PREG_SPLIT_NO_EMPTY);
 
           // Sanitize the attribute value: it lists the allowed attribute values
           // but one allowed attribute value that some may be tempted to use
@@ -285,24 +335,24 @@ public function getHTMLRestrictions() {
           // allowed attribute values with a wildcard. A wildcard by itself
           // would mean whitelisting all possible attribute values. But in that
           // case, one would not specify an attribute value at all.
-          $allowed_attribute_values = array_filter($allowed_attribute_values, function ($value) use ($star_protector) { return $value !== '*'; });
+          $allowed_attribute_values = array_filter($allowed_attribute_values, function ($value) { return $value !== '*'; });
 
           if (empty($allowed_attribute_values)) {
             // If the value is the empty string all values are allowed.
-            $restrictions['allowed'][$tag][$name] = TRUE;
+            $restrictions['allowed'][$element_name][$attribute_name] = TRUE;
           }
           else {
             // A non-empty attribute value is assigned, mark each of the
             // specified attribute values as allowed.
-            foreach ($allowed_attribute_values as $value) {
-              $restrictions['allowed'][$tag][$name][$value] = TRUE;
+            foreach ($allowed_attribute_values as $allowed_attribute_value) {
+              $restrictions['allowed'][$element_name][$attribute_name][$allowed_attribute_value] = TRUE;
             }
           }
         }
       }
       else {
         // Mark the tag as allowed, but with no attributes allowed.
-        $restrictions['allowed'][$tag] = FALSE;
+        $restrictions['allowed'][$element_name] = FALSE;
       }
     }
 
@@ -331,6 +381,74 @@ public function getHTMLRestrictions() {
   }
 
   /**
+   * Generates an array to represent the allowed HTML settings.
+   *
+   * @param string $allowed_html_string
+   *   The string representation of the allowed_html setting.
+   *
+   * @return array
+   *   The array representation of the allowed_html setting.
+   */
+  public static function convertAllowedHtmlStringToArray($allowed_html_string) {
+    $allowed_html_settings = [];
+
+    // Make all the tags self-closing, so they will be parsed into direct
+    // children of the body tag in the DomDocument.
+    $html = str_replace('>', ' />', $allowed_html_string);
+    // Protect any trailing * characters in attribute names, since DomDocument
+    // strips them as invalid.
+    $star_protector = '__zqh6vxfbk3cg__';
+    $html = str_replace('*', $star_protector, $html);
+    $body_child_nodes = Html::load($html)
+      ->getElementsByTagName('body')
+      ->item(0)->childNodes;
+
+    foreach ($body_child_nodes as $node) {
+      if ($node->nodeType !== XML_ELEMENT_NODE) {
+        // Skip the empty text nodes inside tags.
+        continue;
+      }
+      $tag = $node->tagName;
+      $allowed_html_settings[$tag] = [];
+      if ($node->hasAttributes()) {
+        // Iterate over any attributes, and mark them as allowed.
+        foreach ($node->attributes as $name => $attribute) {
+          // Put back any trailing * on wildcard attribute name.
+          $name = str_replace($star_protector, '*', $name);
+          $value = str_replace($star_protector, '*', $attribute->value);
+          if (empty($value)) {
+            $value = '*';
+          }
+          $allowed_html_settings[$tag][$name] = $value;
+        }
+      }
+    }
+
+    return $allowed_html_settings;
+  }
+
+  /**
+   * Generate a string to represent the allowed HTML.
+   *
+   * @param array $allowed_html_settings
+   *   The array representation of the allowed_html setting.
+   *
+   * @return string
+   *   The string representation of the allowed_html setting.
+   */
+  public static function convertAllowedHtmlArrayToString($allowed_html_settings) {
+    $allowed_html_tags = [];
+    foreach ($allowed_html_settings as $tag => $attributes) {
+      $attribute_strings = [];
+      foreach ($attributes as $attribute => $value) {
+        $attribute_strings[] = $value === '*' ? $attribute : sprintf('%s="%s"', $attribute, $value);
+      }
+      $allowed_html_tags[] = sprintf('<%s%s%s>', $tag, count($attribute_strings) > 0 ? ' ' : '', implode(' ', $attribute_strings));
+    }
+    return implode(' ', $allowed_html_tags);
+  }
+
+  /**
    * {@inheritdoc}
    */
   public function tips($long = FALSE) {
@@ -339,7 +457,8 @@ public function tips($long = FALSE) {
     if (!($allowed_html = $this->settings['allowed_html'])) {
       return;
     }
-    $output = $this->t('Allowed HTML tags: @tags', ['@tags' => $allowed_html]);
+    $allowed_html_string = static::convertAllowedHtmlArrayToString($allowed_html);
+    $output = $this->t('Allowed HTML tags: @tags', ['@tags' => $allowed_html_string]);
     if (!$long) {
       return $output;
     }
@@ -389,7 +508,7 @@ public function tips($long = FALSE) {
       'h6' => [$this->t('Heading'), '<h6>' . $this->t('Subtitle six') . '</h6>']
     ];
     $header = [$this->t('Tag Description'), $this->t('You Type'), $this->t('You Get')];
-    preg_match_all('/<([a-z0-9]+)[^a-z0-9]/i', $allowed_html, $out);
+    preg_match_all('/<([a-z0-9]+)[^a-z0-9]/i', $allowed_html_string, $out);
     foreach ($out[1] as $tag) {
       if (!empty($tips[$tag])) {
         $rows[] = [
diff --git a/core/modules/filter/src/Plugin/migrate/process/FilterSettings.php b/core/modules/filter/src/Plugin/migrate/process/FilterSettings.php
index 2350426..4783375 100644
--- a/core/modules/filter/src/Plugin/migrate/process/FilterSettings.php
+++ b/core/modules/filter/src/Plugin/migrate/process/FilterSettings.php
@@ -2,6 +2,7 @@
 
 namespace Drupal\filter\Plugin\migrate\process;
 
+use Drupal\filter\Plugin\Filter\FilterHtml;
 use Drupal\migrate\ProcessPluginBase;
 use Drupal\migrate\MigrateExecutableInterface;
 use Drupal\migrate\Row;
@@ -43,6 +44,7 @@ public function transform($value, MigrateExecutableInterface $migrate_executable
     // Only the filter_html filter's settings have a changed format.
     if ($row->getDestinationProperty('id') === 'filter_html') {
       $value['allowed_html'] = str_replace(array_keys($this->allowedHtmlDefaultAttributes), array_values($this->allowedHtmlDefaultAttributes), $value['allowed_html']);
+      $value['allowed_html'] = FilterHtml::convertAllowedHtmlStringToArray($value['allowed_html']);
     }
     return $value;
   }
diff --git a/core/modules/filter/src/Tests/FilterAdminTest.php b/core/modules/filter/src/Tests/FilterAdminTest.php
index aceeff5..aaf5faf 100644
--- a/core/modules/filter/src/Tests/FilterAdminTest.php
+++ b/core/modules/filter/src/Tests/FilterAdminTest.php
@@ -52,7 +52,13 @@ protected function setUp() {
         'filter_html' => [
           'status' => 1,
           'settings' => [
-            'allowed_html' => '<p> <br> <strong> <a> <em>',
+            'allowed_html' => [
+              'p' => [],
+              'br' => [],
+              'strong' => [],
+              'a' => [],
+              'em' => [],
+            ],
           ],
         ],
       ],
@@ -66,7 +72,14 @@ protected function setUp() {
           'status' => TRUE,
           'weight' => -10,
           'settings' => [
-            'allowed_html' => '<p> <br> <strong> <a> <em> <h4>',
+            'allowed_html' => [
+              'p' => [],
+              'br' => [],
+              'strong' => [],
+              'a' => [],
+              'em' => [],
+              'h4' => [],
+            ],
           ],
         ],
         'filter_autop' => [
diff --git a/core/modules/filter/src/Tests/FilterHtmlImageSecureTest.php b/core/modules/filter/src/Tests/FilterHtmlImageSecureTest.php
index 249021a..9ec60ba 100644
--- a/core/modules/filter/src/Tests/FilterHtmlImageSecureTest.php
+++ b/core/modules/filter/src/Tests/FilterHtmlImageSecureTest.php
@@ -41,7 +41,13 @@ protected function setUp() {
         'filter_html' => [
           'status' => 1,
           'settings' => [
-            'allowed_html' => '<img src testattribute> <a>',
+            'allowed_html' => [
+              'img' => [
+                'src' => '*',
+                'testattribute' => '*',
+              ],
+              'a' => [],
+            ],
           ],
         ],
         'filter_autop' => [
diff --git a/core/modules/filter/src/Tests/Update/FilterHtmlSchemaUpdateTest.php b/core/modules/filter/src/Tests/Update/FilterHtmlSchemaUpdateTest.php
new file mode 100644
index 0000000..c68e95a
--- /dev/null
+++ b/core/modules/filter/src/Tests/Update/FilterHtmlSchemaUpdateTest.php
@@ -0,0 +1,64 @@
+<?php
+
+namespace Drupal\filter\Tests\Update;
+
+use Drupal\filter\Entity\FilterFormat;
+use Drupal\system\Tests\Update\UpdatePathTestBase;
+
+/**
+ * Test the filter html plugin schema update path.
+ *
+ * @group filter
+ */
+class FilterHtmlSchemaUpdateTest extends UpdatePathTestBase {
+
+  /**
+   * {@inheritdoc}
+   */
+  protected function setDatabaseDumpFiles() {
+    $this->databaseDumpFiles = [
+      __DIR__ . '/../../../../system/tests/fixtures/update/drupal-8.bare.standard.php.gz',
+      __DIR__ . '/../../../tests/fixtures/update/drupal-8.filter-html-updated-schema-2871354.php',
+    ];
+  }
+
+  /**
+   * Tests filter_update_8001().
+   */
+  public function testSchemaUpdate() {
+    $this->runUpdates();
+
+    $filter = FilterFormat::load('test_format');
+    $filter_html_configuration = $filter->filters('filter_html')->getConfiguration();
+
+    $this->assertEqual([
+      'no-attributes' => [],
+      'single-attribute' => [
+          'foo' => '*',
+      ],
+      'attribute-with-value' => [
+        'foo' => 'bar',
+      ],
+      'multiple-attributes' => [
+        'foo' => 'value',
+        'bar' => 'value',
+      ],
+      'multiple-attribute-values' => [
+        'foo' => 'bar baz',
+      ],
+      'wildcard-attributes' => [
+        '*' => '*',
+      ],
+      'wildcard-attribute-name' => [
+        'data-*' => '*',
+      ],
+      'wildcard-attribute-name-with-value' => [
+        'data-*' => 'foo',
+      ],
+      'wildcard-attribute-value' => [
+        'foo' => '*',
+      ],
+    ], $filter_html_configuration['settings']['allowed_html']);
+  }
+
+}
diff --git a/core/modules/filter/tests/filter_test/config/install/filter.format.filtered_html.yml b/core/modules/filter/tests/filter_test/config/install/filter.format.filtered_html.yml
index ba403db..a35c48e 100644
--- a/core/modules/filter/tests/filter_test/config/install/filter.format.filtered_html.yml
+++ b/core/modules/filter/tests/filter_test/config/install/filter.format.filtered_html.yml
@@ -12,4 +12,10 @@ filters:
     provider: filter
     status: true
     settings:
-      allowed_html: '<p> <br> <strong> <a href hreflang>'
+      allowed_html:
+        p: {  }
+        br: {  }
+        strong: {  }
+        a:
+          href: '*'
+          hreflang: '*'
diff --git a/core/modules/filter/tests/fixtures/update/drupal-8.filter-html-updated-schema-2871354.php b/core/modules/filter/tests/fixtures/update/drupal-8.filter-html-updated-schema-2871354.php
new file mode 100644
index 0000000..3cf3185
--- /dev/null
+++ b/core/modules/filter/tests/fixtures/update/drupal-8.filter-html-updated-schema-2871354.php
@@ -0,0 +1,49 @@
+<?php
+
+/**
+ * @file
+ * Contains database additions for testing the upgrade path for 2871354.
+ */
+
+use Drupal\Core\Database\Database;
+
+$connection = Database::getConnection();
+
+$formats = [
+  'test_format' => [
+    'langcode' => 'en',
+    'status' => TRUE,
+    'dependencies' => [],
+    'name' => 'Test Filter',
+    'format' => 'test_format',
+    'weight' => 0,
+    'filters' => [
+      'filter_html' => [
+        'id' => 'filter_html',
+        'provider' => 'filter',
+        'status' => TRUE,
+        'weight' => -10,
+        'settings' => [
+          'allowed_html' => '<no-attributes> <single-attribute foo> <attribute-with-value foo="bar"> <multiple-attributes foo="value" bar="value"> <multiple-attribute-values foo="bar baz"> <wildcard-attributes *> <wildcard-attribute-name data-*> <wildcard-attribute-name-with-value data-*="foo"> <wildcard-attribute-value foo="*">',
+          'filter_html_help' => FALSE,
+          'filter_html_nofollow' => FALSE,
+        ],
+      ],
+    ],
+  ],
+];
+
+foreach ($formats as $id => $format) {
+  $connection->insert('config')
+    ->fields([
+      'collection',
+      'name',
+      'data',
+    ])
+    ->values([
+      'collection' => '',
+      'name' => 'filter.format.' . $id,
+      'data' => serialize($format),
+    ])
+    ->execute();
+}
diff --git a/core/modules/filter/tests/src/Functional/FilterHtmlAdminTest.php b/core/modules/filter/tests/src/Functional/FilterHtmlAdminTest.php
new file mode 100644
index 0000000..c5654ac
--- /dev/null
+++ b/core/modules/filter/tests/src/Functional/FilterHtmlAdminTest.php
@@ -0,0 +1,63 @@
+<?php
+
+namespace Drupal\Tests\filter\Functional;
+
+use Drupal\Tests\BrowserTestBase;
+
+/**
+ * Test the filter_html administration.
+ *
+ * @group filter
+ */
+class FilterHtmlAdminTest extends BrowserTestBase {
+
+  /**
+   * Modules to enable.
+   *
+   * @var array
+   */
+  public static $modules = [
+    'filter',
+  ];
+
+  /**
+   * {@inheritdoc}
+   */
+  protected function setUp() {
+    parent::setUp();
+
+    $this->drupalLogin($this->drupalCreateUser([
+      'administer modules',
+      'administer filters',
+      'administer site configuration'
+    ]));
+  }
+
+  /**
+   * Test the Filter HTML admin form.
+   */
+  public function testFilterHtmlAdminForm() {
+    $this->drupalGet('admin/config/content/formats/add');
+
+    // Ensure the filter_html form contains the correct default value.
+    $this->assertSession()->fieldValueEquals('filters[filter_html][settings][allowed_html]', '<a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type="1 A I"> <li> <dl> <dt> <dd> <h2 id="jump-*"> <h3 id> <h4 id> <h5 id> <h6 id>');
+
+    // After saving the filter with a subset of the tags from the default value
+    // ensure no tags reappear from the default value.
+    $this->submitForm([
+      'name' => 'Test filter',
+      'format' => 'test_filter',
+      'filters[filter_html][settings][allowed_html]' => '<a href hreflang> <em>',
+    ], 'Save configuration');
+    $this->drupalGet('admin/config/content/formats/manage/test_filter');
+    $this->assertSession()->fieldValueEquals('filters[filter_html][settings][allowed_html]', '<a href hreflang> <em>');
+
+    // Saving an empty value should not restore the defaults.
+    $this->submitForm([
+      'filters[filter_html][settings][allowed_html]' => '',
+    ], 'Save configuration');
+    $this->drupalGet('admin/config/content/formats/manage/test_filter');
+    $this->assertSession()->fieldValueEquals('filters[filter_html][settings][allowed_html]', '');
+  }
+
+}
diff --git a/core/modules/filter/tests/src/Kernel/FilterAPITest.php b/core/modules/filter/tests/src/Kernel/FilterAPITest.php
index 2203bbe..3f2c710 100644
--- a/core/modules/filter/tests/src/Kernel/FilterAPITest.php
+++ b/core/modules/filter/tests/src/Kernel/FilterAPITest.php
@@ -45,7 +45,9 @@ public function testCheckMarkupFilterOrder() {
           'weight' => -10,
           'status' => 1,
           'settings' => [
-            'allowed_html' => '<p>',
+            'allowed_html' => [
+              'p' => [],
+            ],
           ],
         ],
       ]
@@ -141,7 +143,7 @@ public function testFilterFormatAPI() {
         'filter_html' => [
           'status' => 1,
           'settings' => [
-            'allowed_html' => '', // Nothing is allowed.
+            'allowed_html' => [], // Nothing is allowed.
           ],
         ],
       ],
@@ -167,7 +169,14 @@ public function testFilterFormatAPI() {
         'filter_html' => [
           'status' => 1,
           'settings' => [
-            'allowed_html' => '<p> <br> <a href> <strong>',
+            'allowed_html' => [
+              'p' => [],
+              'br' => [],
+              'a' => [
+                'href' => '*',
+              ],
+              'strong' => [],
+            ],
           ],
         ],
         'filter_test_restrict_tags_and_attributes' => [
@@ -214,7 +223,18 @@ public function testFilterFormatAPI() {
         'filter_html' => [
           'status' => 1,
           'settings' => [
-            'allowed_html' => '<a> <b class> <c class="*"> <d class="foo bar-* *">',
+            'allowed_html' => [
+              'a' => [],
+              'b' => [
+                'class' => '*',
+              ],
+              'c' => [
+                'class' => '*',
+              ],
+              'd' => [
+                'class' => 'foo bar-* *',
+              ],
+            ],
           ],
         ],
       ]
@@ -410,7 +430,9 @@ public function testFilterFormatPreSave() {
           'weight' => -10,
           'status' => 1,
           'settings' => [
-            'allowed_html' => '<p>',
+            'allowed_html' => [
+              'p' => [],
+            ],
           ],
         ],
       ]
diff --git a/core/modules/filter/tests/src/Kernel/FilterKernelTest.php b/core/modules/filter/tests/src/Kernel/FilterKernelTest.php
index cf72bbe..451a54b 100644
--- a/core/modules/filter/tests/src/Kernel/FilterKernelTest.php
+++ b/core/modules/filter/tests/src/Kernel/FilterKernelTest.php
@@ -192,7 +192,13 @@ public function testCaptionFilter() {
     $html_filter = $this->filters['filter_html'];
     $html_filter->setConfiguration([
       'settings' => [
-        'allowed_html' => '<img src data-align data-caption>',
+        'allowed_html' => [
+          'img' => [
+            'src' => '*',
+            'data-align' => '*',
+            'data-caption' => '*',
+          ],
+        ],
         'filter_html_help' => 1,
         'filter_html_nofollow' => 0,
       ]
@@ -408,7 +414,22 @@ public function testHtmlFilter() {
     $filter = $this->filters['filter_html'];
     $filter->setConfiguration([
       'settings' => [
-        'allowed_html' => '<a> <p> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd> <br>',
+        'allowed_html' => [
+          'a' => [],
+          'p' => [],
+          'em' => [],
+          'strong' => [],
+          'cite' => [],
+          'blockquote' => [],
+          'code' => [],
+          'ul' => [],
+          'ol' => [],
+          'li' => [],
+          'dl' => [],
+          'dt' => [],
+          'dd' => [],
+          'br' => [],
+        ],
         'filter_html_help' => 1,
         'filter_html_nofollow' => 0,
       ]
@@ -463,10 +484,27 @@ public function testHtmlFilter() {
     // Now whitelist the "llama" attribute on <a>.
     $filter->setConfiguration([
       'settings' => [
-        'allowed_html' => '<a href llama> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd> <br>',
+        'allowed_html' => [
+          'a' => [
+            'href' => '*',
+            'llama' => '*',
+          ],
+          'em' => [],
+          'strong' => [],
+          'cite' => [],
+          'blockquote' => [],
+          'code' => [],
+          'ul' => [],
+          'ol' => [],
+          'li' => [],
+          'dl' => [],
+          'dt' => [],
+          'dd' => [],
+          'br' => [],
+        ],
         'filter_html_help' => 1,
         'filter_html_nofollow' => 0,
-      ]
+      ],
     ]);
     $f = (string) $filter->process('<a kitten="cute" llama="awesome">link</a>', Language::LANGCODE_NOT_SPECIFIED);
     $this->assertNormalized($f, '<a llama="awesome">link</a>', 'HTML filter keeps explicitly allowed attributes, and removes attributes that are not explicitly allowed.');
@@ -475,7 +513,24 @@ public function testHtmlFilter() {
     // "majestical", or "epic".
     $filter->setConfiguration([
       'settings' => [
-        'allowed_html' => '<a href llama="majestical epic"> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd> <br>',
+        'allowed_html' => [
+          'a' => [
+            'href' => '*',
+            'llama' => 'majestical epic',
+          ],
+          'em' => [],
+          'strong' => [],
+          'cite' => [],
+          'blockquote' => [],
+          'code' => [],
+          'ul' => [],
+          'ol' => [],
+          'li' => [],
+          'dl' => [],
+          'dt' => [],
+          'dd' => [],
+          'br' => [],
+        ],
         'filter_html_help' => 1,
         'filter_html_nofollow' => 0,
       ]
@@ -498,7 +553,11 @@ public function testNoFollowFilter() {
     $filter = $this->filters['filter_html'];
     $filter->setConfiguration([
       'settings' => [
-        'allowed_html' => '<a href>',
+        'allowed_html' => [
+          'a' => [
+            'href' => '*',
+          ],
+        ],
         'filter_html_help' => 1,
         'filter_html_nofollow' => 1,
       ]
diff --git a/core/modules/filter/tests/src/Kernel/Migrate/d6/MigrateFilterFormatTest.php b/core/modules/filter/tests/src/Kernel/Migrate/d6/MigrateFilterFormatTest.php
index 81faf3e..82dfb48 100644
--- a/core/modules/filter/tests/src/Kernel/Migrate/d6/MigrateFilterFormatTest.php
+++ b/core/modules/filter/tests/src/Kernel/Migrate/d6/MigrateFilterFormatTest.php
@@ -40,7 +40,27 @@ public function testFilterFormat() {
     $this->assertFalse(isset($filters['filter_html_image_secure']));
 
     // Check variables migrated into filter.
-    $this->assertSame('<a href hreflang> <em> <strong> <cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd>', $filters['filter_html']['settings']['allowed_html']);
+    $this->assertSame([
+      'a' => [
+        'href' => '*',
+        'hreflang' => '*',
+      ],
+      'em' => [],
+      'strong' => [],
+      'cite' => [],
+      'code' => [],
+      'ul' => [
+        'type' => '*',
+      ],
+      'ol' => [
+        'start' => '*',
+        'type' => '*',
+      ],
+      'li' => [],
+      'dl' => [],
+      'dt' => [],
+      'dd' => [],
+    ], $filters['filter_html']['settings']['allowed_html']);
     $this->assertSame(TRUE, $filters['filter_html']['settings']['filter_html_help']);
     $this->assertSame(FALSE, $filters['filter_html']['settings']['filter_html_nofollow']);
     $this->assertSame(72, $filters['filter_url']['settings']['filter_url_length']);
diff --git a/core/modules/filter/tests/src/Kernel/Migrate/d7/MigrateFilterFormatTest.php b/core/modules/filter/tests/src/Kernel/Migrate/d7/MigrateFilterFormatTest.php
index 0f54245..cd2d392 100644
--- a/core/modules/filter/tests/src/Kernel/Migrate/d7/MigrateFilterFormatTest.php
+++ b/core/modules/filter/tests/src/Kernel/Migrate/d7/MigrateFilterFormatTest.php
@@ -70,7 +70,28 @@ public function testFilterFormat() {
     $format = FilterFormat::load('filtered_html');
     $this->assertInstanceOf(FilterFormatInterface::class, $format);
     $config = $format->filters('filter_html')->getConfiguration();
-    $this->assertSame('<div> <span> <ul type> <li> <ol start type> <a href hreflang> <img src alt height width>', $config['settings']['allowed_html']);
+    $this->assertSame([
+      'div' => [],
+      'span' => [],
+      'ul' => [
+        'type' => '*',
+      ],
+      'li' => [],
+      'ol' => [
+        'start' => '*',
+        'type' => '*',
+      ],
+      'a' => [
+        'href' => '*',
+        'hreflang' => '*',
+      ],
+      'img' => [
+        'src' => '*',
+        'alt' => '*',
+        'height' => '*',
+        'width' => '*',
+      ],
+    ], $config['settings']['allowed_html']);
     $config = $format->filters('filter_url')->getConfiguration();
     $this->assertSame(128, $config['settings']['filter_url_length']);
 
diff --git a/core/modules/filter/tests/src/Unit/FilterHtmlTest.php b/core/modules/filter/tests/src/Unit/FilterHtmlTest.php
index 664c2a3..53b583c 100644
--- a/core/modules/filter/tests/src/Unit/FilterHtmlTest.php
+++ b/core/modules/filter/tests/src/Unit/FilterHtmlTest.php
@@ -22,7 +22,33 @@ class FilterHtmlTest extends UnitTestCase {
   protected function setUp() {
     parent::setUp();
     $configuration['settings'] = [
-      'allowed_html' => '<a href> <p> <em> <strong> <cite> <blockquote> <code class="pretty boring align-*"> <ul alpaca-*="wooly-* strong"> <ol llama-*> <li> <dl> <dt> <dd> <br> <h3 id>',
+      'allowed_html' => [
+        'a' => [
+          'href' => '*',
+        ],
+        'p' => [],
+        'em' => [],
+        'strong' => [],
+        'cite' => [],
+        'blockquote' => [],
+        'code' => [
+          'class' => "pretty boring align-*",
+        ],
+        'ul' => [
+          'alpaca-*' => "wooly-* strong",
+        ],
+        'ol' => [
+          'llama-*' => '*',
+        ],
+        'li' => [],
+        'dl' => [],
+        'dt' => [],
+        'dd' => [],
+        'br' => [],
+        'h3' => [
+          'id' => '*',
+        ],
+      ],
       'filter_html_help' => 1,
       'filter_html_nofollow' => 0,
     ];
@@ -80,17 +106,71 @@ public function providerFilterAttributes() {
   }
 
   /**
-   * @covers ::setConfiguration
+   * @covers ::convertAllowedHtmlStringToArray
    */
-  public function testSetConfiguration() {
-    $configuration['settings'] = [
-      // New lines and spaces are replaced with a single space.
-      'allowed_html' => "<a>  <br>\r\n  <p>",
-      'filter_html_help' => 1,
-      'filter_html_nofollow' => 0,
+  public function testConvertAllowedHtmlStringToArrayWhitespace() {
+    $this->assertSame([
+      'a' => [],
+      'br' => [],
+      'p' => [],
+    ], FilterHtml::convertAllowedHtmlStringToArray("<a>  <br>\r\n  <p>"));
+  }
+
+  /**
+   * @covers ::convertAllowedHtmlStringToArray
+   *
+   * @dataProvider stringArrayConversionTestCases
+   */
+  public function testConvertAllowedHtmlStringToArray($string, $settings) {
+    $this->assertSame($settings, FilterHtml::convertAllowedHtmlStringToArray($string));
+  }
+
+  /**
+   * @covers ::convertAllowedHtmlArrayToString
+   *
+   * @dataProvider stringArrayConversionTestCases
+   */
+  public function testConvertAllowedHtmlArrayToString($string, $settings) {
+    $this->assertSame($string, FilterHtml::convertAllowedHtmlArrayToString($settings));
+  }
+
+  /**
+   * Test cases for the array string allowed_html settings conversion.
+   */
+  public function stringArrayConversionTestCases() {
+    return [
+      'Simple settings' => [
+        '<a>',
+        [
+          'a' => [],
+        ],
+      ],
+      'Complex settings' => [
+        '<a href data-foo-* data-bar-*="baz">',
+        [
+          'a' => [
+            'href' => '*',
+            'data-foo-*' => '*',
+            'data-bar-*' => 'baz',
+          ],
+        ],
+      ],
+      'All attributes' => [
+        '<a *>',
+        [
+          'a' => [
+            '*' => '*',
+          ],
+        ],
+      ],
+      'Multiple elements' => [
+        '<foo> <bar>',
+        [
+          'foo' => [],
+          'bar' => [],
+        ],
+      ],
     ];
-    $filter = new FilterHtml($configuration, 'filter_html', ['provider' => 'test']);
-    $this->assertSame('<a> <br> <p>', $filter->getConfiguration()['settings']['allowed_html']);
   }
 
 }
diff --git a/core/modules/rest/tests/src/Functional/EntityResource/Editor/EditorResourceTestBase.php b/core/modules/rest/tests/src/Functional/EntityResource/Editor/EditorResourceTestBase.php
index 4eb4a6e..d19c703 100644
--- a/core/modules/rest/tests/src/Functional/EntityResource/Editor/EditorResourceTestBase.php
+++ b/core/modules/rest/tests/src/Functional/EntityResource/Editor/EditorResourceTestBase.php
@@ -48,7 +48,12 @@ protected function createEntity() {
         'filter_html' => [
           'status' => TRUE,
           'settings' => [
-            'allowed_html' => '<p> <a> <b> <lo>',
+            'allowed_html' => [
+              'p' => [],
+              'a' => [],
+              'b' => [],
+              'lo' => [],
+            ],
           ],
         ],
       ],
diff --git a/core/modules/rest/tests/src/Functional/EntityResource/FilterFormat/FilterFormatResourceTestBase.php b/core/modules/rest/tests/src/Functional/EntityResource/FilterFormat/FilterFormatResourceTestBase.php
index 4d65e00..5772343 100644
--- a/core/modules/rest/tests/src/Functional/EntityResource/FilterFormat/FilterFormatResourceTestBase.php
+++ b/core/modules/rest/tests/src/Functional/EntityResource/FilterFormat/FilterFormatResourceTestBase.php
@@ -41,7 +41,12 @@ protected function createEntity() {
         'filter_html' => [
           'status' => TRUE,
           'settings' => [
-            'allowed_html' => '<p> <a> <b> <lo>',
+            'allowed_html' => [
+              'p' => [],
+              'a' => [],
+              'b' => [],
+              'lo' => [],
+            ],
           ],
         ],
       ],
@@ -63,7 +68,12 @@ protected function getExpectedNormalizedEntity() {
           'status' => TRUE,
           'weight' => -10,
           'settings' => [
-            'allowed_html' => '<p> <a> <b> <lo>',
+            'allowed_html' => [
+              'p' => [],
+              'a' => [],
+              'b' => [],
+              'lo' => [],
+            ],
             'filter_html_help' => TRUE,
             'filter_html_nofollow' => FALSE,
           ],
diff --git a/core/modules/system/src/Tests/Update/FilterHtmlUpdateTest.php b/core/modules/system/src/Tests/Update/FilterHtmlUpdateTest.php
index 892b279..dd8f0d7 100644
--- a/core/modules/system/src/Tests/Update/FilterHtmlUpdateTest.php
+++ b/core/modules/system/src/Tests/Update/FilterHtmlUpdateTest.php
@@ -38,8 +38,83 @@ public function testAllowedHtmlUpdate() {
 
     // Make sure we have the expected values after the update.
     $filters_after = [
-      'basic_html' => '<a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h4 id> <h5 id> <h6 id> <p> <br> <span> <img src alt height width data-align data-caption>',
-      'restricted_html' => '<a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h4 id> <h5 id> <h6 id>',
+      'basic_html' => [
+        'a' => [
+          'href' => '*',
+          'hreflang' => '*',
+        ],
+        'em' => [],
+        'strong' => [],
+        'cite' => [],
+        'blockquote' => [
+          'cite' => '*',
+        ],
+        'code' => [],
+        'ul' => [
+          'type' => '*',
+        ],
+        'ol' => [
+          'start' => '*',
+          'type' => '*',
+        ],
+        'li' => [],
+        'dl' => [],
+        'dt' => [],
+        'dd' => [],
+        'h4' => [
+          'id' => '*',
+        ],
+        'h5' => [
+          'id' => '*',
+        ],
+        'h6' => [
+          'id' => '*',
+        ],
+        'p' => [],
+        'br' => [],
+        'span' => [],
+        'img' => [
+          'src' => '*',
+          'alt' => '*',
+          'height' => '*',
+          'width' => '*',
+          'data-align' => '*',
+          'data-caption' => '*',
+        ],
+      ],
+      'restricted_html' => [
+        'a' => [
+          'href' => '*',
+          'hreflang' => '*',
+        ],
+        'em' => [],
+        'strong' => [],
+        'cite' => [],
+        'blockquote' => [
+          'cite' => '*',
+        ],
+        'code' => [],
+        'ul' => [
+          'type' => '*',
+        ],
+        'ol' => [
+          'start' => '*',
+          'type' => '*',
+        ],
+        'li' => [],
+        'dl' => [],
+        'dt' => [],
+        'dd' => [],
+        'h4' => [
+          'id' => '*',
+        ],
+        'h5' => [
+          'id' => '*',
+        ],
+        'h6' => [
+          'id' => '*',
+        ],
+      ],
     ];
     foreach ($filters_after as $name => $after) {
       $config = FilterFormat::load($name)->toArray();
diff --git a/core/profiles/standard/config/install/filter.format.basic_html.yml b/core/profiles/standard/config/install/filter.format.basic_html.yml
index 92224c2..566c2b1 100644
--- a/core/profiles/standard/config/install/filter.format.basic_html.yml
+++ b/core/profiles/standard/config/install/filter.format.basic_html.yml
@@ -15,7 +15,47 @@ filters:
     status: true
     weight: -10
     settings:
-      allowed_html: '<a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h2 id> <h3 id> <h4 id> <h5 id> <h6 id> <p> <br> <span> <img src alt height width data-entity-type data-entity-uuid data-align data-caption>'
+      allowed_html:
+        a:
+          href: '*'
+          hreflang: '*'
+        em: {  }
+        strong: {  }
+        cite: {  }
+        blockquote:
+          cite: '*'
+        code: {  }
+        ul:
+          type: '*'
+        ol:
+          start: '*'
+          type: '*'
+        li: {  }
+        dl: {  }
+        dt: {  }
+        dd: {  }
+        h2:
+          id: '*'
+        h3:
+          id: '*'
+        h4:
+          id: '*'
+        h5:
+          id: '*'
+        h6:
+          id: '*'
+        p: {  }
+        br: {  }
+        span: {  }
+        img:
+          src: '*'
+          alt: '*'
+          height: '*'
+          width: '*'
+          data-entity-type: '*'
+          data-entity-uuid: '*'
+          data-align: '*'
+          data-caption: '*'
       filter_html_help: false
       filter_html_nofollow: false
   filter_align:
diff --git a/core/profiles/standard/config/install/filter.format.restricted_html.yml b/core/profiles/standard/config/install/filter.format.restricted_html.yml
index 323d077..b7d4ded 100644
--- a/core/profiles/standard/config/install/filter.format.restricted_html.yml
+++ b/core/profiles/standard/config/install/filter.format.restricted_html.yml
@@ -13,7 +13,35 @@ filters:
     status: true
     weight: -10
     settings:
-      allowed_html: '<a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h2 id> <h3 id> <h4 id> <h5 id> <h6 id>'
+      allowed_html:
+        a:
+          href: '*'
+          hreflang: '*'
+        em: {  }
+        strong: {  }
+        cite: {  }
+        blockquote:
+          cite: '*'
+        code: {  }
+        ul:
+          type: '*'
+        ol:
+          start: '*'
+          type: '*'
+        li: {  }
+        dl: {  }
+        dt: {  }
+        dd: {  }
+        h2:
+          id: '*'
+        h3:
+          id: '*'
+        h4:
+          id: '*'
+        h5:
+          id: '*'
+        h6:
+          id: '*'
       filter_html_help: true
       filter_html_nofollow: false
   filter_autop: