diff --git a/src/wp-includes/class-wp-html-attribute-token.php b/src/wp-includes/class-wp-html-attribute-token.php
new file mode 100644
index 0000000000000..21147e30bfe1f
--- /dev/null
+++ b/src/wp-includes/class-wp-html-attribute-token.php
@@ -0,0 +1,93 @@
+<?php
+/**
+ * HTML Tag Processor: Attribute token structure class.
+ *
+ * @package WordPress
+ * @subpackage HTML
+ * @since 6.2.0
+ */
+
+if ( ! class_exists( 'WP_HTML_Attribute_Token' ) ) :
+
+/**
+ * Data structure for the attribute token that allows to drastically improve performance.
+ *
+ * This class is for internal usage of the WP_HTML_Tag_Processor class.
+ *
+ * @access private
+ * @since 6.2.0
+ *
+ * @see WP_HTML_Tag_Processor
+ */
+class WP_HTML_Attribute_Token {
+	/**
+	 * Attribute name.
+	 *
+	 * @since 6.2.0
+	 * @var string
+	 */
+	public $name;
+
+	/**
+	 * Attribute value.
+	 *
+	 * @since 6.2.0
+	 * @var int
+	 */
+	public $value_starts_at;
+
+	/**
+	 * How many bytes the value occupies in the input HTML.
+	 *
+	 * @since 6.2.0
+	 * @var int
+	 */
+	public $value_length;
+
+	/**
+	 * The string offset where the attribute name starts.
+	 *
+	 * @since 6.2.0
+	 * @var int
+	 */
+	public $start;
+
+	/**
+	 * The string offset after the attribute value or its name.
+	 *
+	 * @since 6.2.0
+	 * @var int
+	 */
+	public $end;
+
+	/**
+	 * Whether the attribute is a boolean attribute with value `true`.
+	 *
+	 * @since 6.2.0
+	 * @var bool
+	 */
+	public $is_true;
+
+	/**
+	 * Constructor.
+	 *
+	 * @since 6.2.0
+	 *
+	 * @param string $name         Attribute name.
+	 * @param int    $value_start  Attribute value.
+	 * @param int    $value_length Number of bytes attribute value spans.
+	 * @param int    $start        The string offset where the attribute name starts.
+	 * @param int    $end          The string offset after the attribute value or its name.
+	 * @param bool   $is_true      Whether the attribute is a boolean attribute with true value.
+	 */
+	public function __construct( $name, $value_start, $value_length, $start, $end, $is_true ) {
+		$this->name            = $name;
+		$this->value_starts_at = $value_start;
+		$this->value_length    = $value_length;
+		$this->start           = $start;
+		$this->end             = $end;
+		$this->is_true         = $is_true;
+	}
+}
+
+endif;
diff --git a/src/wp-includes/class-wp-html-span.php b/src/wp-includes/class-wp-html-span.php
new file mode 100644
index 0000000000000..376e391dc1c44
--- /dev/null
+++ b/src/wp-includes/class-wp-html-span.php
@@ -0,0 +1,56 @@
+<?php
+/**
+ * HTML Span: Represents a textual span inside an HTML document.
+ *
+ * @package WordPress
+ * @subpackage HTML
+ * @since 6.2.0
+ */
+
+if ( ! class_exists( 'WP_HTML_Span' ) ) :
+
+/**
+ * Represents a textual span inside an HTML document.
+ *
+ * This is a two-tuple in disguise, used to avoid the memory
+ * overhead involved in using an array for the same purpose.
+ *
+ * This class is for internal usage of the WP_HTML_Tag_Processor class.
+ *
+ * @access private
+ * @since 6.2.0
+ *
+ * @see WP_HTML_Tag_Processor
+ */
+class WP_HTML_Span {
+	/**
+	 * Byte offset into document where span begins.
+	 *
+	 * @since 6.2.0
+	 * @var int
+	 */
+	public $start;
+
+	/**
+	 * Byte offset into document where span ends.
+	 *
+	 * @since 6.2.0
+	 * @var int
+	 */
+	public $end;
+
+	/**
+	 * Constructor.
+	 *
+	 * @since 6.2.0
+	 *
+	 * @param int $start Byte offset into document where replacement span begins.
+	 * @param int $end   Byte offset into document where replacement span ends.
+	 */
+	public function __construct( $start, $end ) {
+		$this->start = $start;
+		$this->end   = $end;
+	}
+}
+
+endif;
diff --git a/src/wp-includes/class-wp-html-tag-processor.php b/src/wp-includes/class-wp-html-tag-processor.php
new file mode 100644
index 0000000000000..24e67a3adc83f
--- /dev/null
+++ b/src/wp-includes/class-wp-html-tag-processor.php
@@ -0,0 +1,2047 @@
+<?php
+/**
+ * Scans through an HTML document to find specific tags, then
+ * transforms those tags by adding, removing, or updating the
+ * values of the HTML attributes within that tag (opener).
+ *
+ * Does not fully parse HTML or _recurse_ into the HTML structure
+ * Instead this scans linearly through a document and only parses
+ * the HTML tag openers.
+ *
+ * @TODO: Unify language around "currently-opened tag."
+ * @TODO: Organize unit test cases into normative tests, edge-case tests, regression tests.
+ * @TODO: Clean up attribute token class after is_true addition
+ * @TODO: Prune whitespace when removing classes/attributes: e.g. "a b c" -> "c" not " c"
+ * @TODO: Skip over `/` in attributes area, split attribute names by `/`
+ * @TODO: Decode HTML references/entities in class names when matching.
+ *        E.g. match having class `1<"2` needs to recognize `class="1&lt;&quot;2"`.
+ * @TODO: Decode character references in `get_attribute()`
+ * @TODO: Properly escape attribute value in `set_attribute()`
+ * @TODO: Add slow mode to escape character entities in CSS class names?
+ *        (This requires a custom decoder since `html_entity_decode()`
+ *        doesn't handle attribute character reference decoding rules.
+ *
+ * @package WordPress
+ * @subpackage HTML
+ * @since 6.2.0
+ */
+
+if ( ! class_exists( 'WP_HTML_Tag_Processor' ) ) :
+
+/**
+ * Processes an input HTML document by applying a specified set
+ * of patches to that input. Tokenizes HTML but does not fully
+ * parse the input document.
+ *
+ * ## Usage
+ *
+ * Use of this class requires three steps:
+ *
+ *  1. Create a new class instance with your input HTML document.
+ *  2. Find the tag(s) you are looking for.
+ *  3. Request changes to the attributes in those tag(s).
+ *
+ * Example:
+ * ```php
+ *     $tags = new WP_HTML_Tag_Processor( $html );
+ *     if ( $tags->next_tag( [ 'tag_name' => 'option' ] ) ) {
+ *         $tags->set_attribute( 'selected', true );
+ *     }
+ * ```
+ *
+ * ### Finding tags
+ *
+ * The `next_tag()` function moves the internal cursor through
+ * your input HTML document until it finds a tag meeting any of
+ * the supplied restrictions in the optional query argument. If
+ * no argument is provided then it will find the next HTML tag,
+ * regardless of what kind it is.
+ *
+ * If you want to _find whatever the next tag is_:
+ * ```php
+ *     $tags->next_tag();
+ * ```
+ *
+ * | Goal                                                      | Query                                                                      |
+ * |-----------------------------------------------------------|----------------------------------------------------------------------------|
+ * | Find any tag.                                             | `$tags->next_tag();`                                                       |
+ * | Find next image tag.                                      | `$tags->next_tag( [ 'tag_name' => 'img' ] );`                              |
+ * | Find next tag containing the `fullwidth` CSS class.       | `$tags->next_tag( [ 'class_name' => 'fullwidth' ] );`                      |
+ * | Find next image tag containing the `fullwidth` CSS class. | `$tags->next_tag( [ 'tag_name' => 'img', 'class_name' => 'fullwidth' ] );` |
+ *
+ * If a tag was found meeting your criteria then `next_tag()`
+ * will return `true` and you can proceed to modify it. If it
+ * returns `false`, however, it failed to find the tag and
+ * moved the cursor to the end of the file.
+ *
+ * Once the cursor reaches the end of the file the processor
+ * is done and if you want to reach an earlier tag you will
+ * need to recreate the processor and start over. The internal
+ * cursor can only proceed forward, never backing up.
+ *
+ * #### Custom queries
+ *
+ * Sometimes it's necessary to further inspect an HTML tag than
+ * the query syntax here permits. In these cases one may further
+ * inspect the search results using the read-only functions
+ * provided by the processor or external state or variables.
+ *
+ * Example:
+ * ```php
+ *     // Paint up to the first five DIV or SPAN tags marked with the "jazzy" style.
+ *     $remaining_count = 5;
+ *     while ( $remaining_count > 0 && $tags->next_tag() ) {
+ *         if (
+ *              ( 'DIV' === $tags->get_tag() || 'SPAN' === $tags->get_tag() ) &&
+ *              'jazzy' === $tags->get_attribute( 'data-style' )
+ *         ) {
+ *             $tags->add_class( 'theme-style-everest-jazz' );
+ *             $remaining_count--;
+ *         }
+ *     }
+ * ```
+ *
+ * `get_attribute()` will return `null` if the attribute wasn't present
+ * on the tag when it was called. It may return `""` (the empty string)
+ * in cases where the attribute was present but its value was empty.
+ * For boolean attributes, those whose name is present but no value is
+ * given, it will return `true` (the only way to set `false` for an
+ * attribute is to remove it).
+ *
+ * ### Modifying HTML attributes for a found tag
+ *
+ * Once you've found the start of an opening tag you can modify
+ * any number of the attributes on that tag. You can set a new
+ * value for an attribute, remove the entire attribute, or do
+ * nothing and move on to the next opening tag.
+ *
+ * Example:
+ * ```php
+ *     if ( $tags->next_tag( [ 'class' => 'wp-group-block' ] ) ) {
+ *         $tags->set_attribute( 'title', 'This groups the contained content.' );
+ *         $tags->remove_attribute( 'data-test-id' );
+ *     }
+ * ```
+ *
+ * If `set_attribute()` is called for an existing attribute it will
+ * overwrite the existing value. Similarly, calling `remove_attribute()`
+ * for a non-existing attribute has no effect on the document. Both
+ * of these methods are safe to call without knowing if a given attribute
+ * exists beforehand.
+ *
+ * ### Modifying CSS classes for a found tag
+ *
+ * The tag processor treats the `class` attribute as a special case.
+ * Because it's a common operation to add or remove CSS classes you
+ * can do so using this interface.
+ *
+ * As with attribute values, adding or removing CSS classes is a safe
+ * operation that doesn't require checking if the attribute or class
+ * exists before making changes. If removing the only class then the
+ * entire `class` attribute will be removed.
+ *
+ * Example:
+ * ```php
+ *     // from `<span>Yippee!</span>`
+ *     //   to `<span class="is-active">Yippee!</span>`
+ *     $tags->add_class( 'is-active' );
+ *
+ *     // from `<span class="excited">Yippee!</span>`
+ *     //   to `<span class="excited is-active">Yippee!</span>`
+ *     $tags->add_class( 'is-active' );
+ *
+ *     // from `<span class="is-active heavy-accent">Yippee!</span>`
+ *     //   to `<span class="is-active heavy-accent">Yippee!</span>`
+ *     $tags->add_class( 'is-active' );
+ *
+ *     // from `<input type="text" class="is-active rugby not-disabled" length="24">`
+ *     //   to `<input type="text" class="is-active not-disabled" length="24">
+ *     $tags->remove_class( 'rugby' );
+ *
+ *     // from `<input type="text" class="rugby" length="24">`
+ *     //   to `<input type="text" length="24">
+ *     $tags->remove_class( 'rugby' );
+ *
+ *     // from `<input type="text" length="24">`
+ *     //   to `<input type="text" length="24">
+ *     $tags->remove_class( 'rugby' );
+ * ```
+ *
+ * ## Design limitations
+ *
+ * @TODO: Expand this section
+ *
+ *  - No nesting: cannot match open and close tag.
+ *  - Class names are not decoded if they contain character references.
+ *
+ * @since 6.2.0
+ */
+class WP_HTML_Tag_Processor {
+	/**
+	 * The maximum number of bookmarks allowed to exist at
+	 * any given time.
+	 *
+	 * @see set_bookmark();
+	 * @since 6.2.0
+	 * @var int
+	 */
+	const MAX_BOOKMARKS = 10;
+
+	/**
+	 * Maximum number of times seek() can be called.
+	 * Prevents accidental infinite loops.
+	 *
+	 * @see seek()
+	 * @since 6.2.0
+	 * @var int
+	 */
+	const MAX_SEEK_OPS = 1000;
+
+	/**
+	 * The HTML document to parse.
+	 *
+	 * @since 6.2.0
+	 * @var string
+	 */
+	private $html;
+
+	/**
+	 * The last query passed to next_tag().
+	 *
+	 * @since 6.2.0
+	 * @var array|null
+	 */
+	private $last_query;
+
+	/**
+	 * The tag name this processor currently scans for.
+	 *
+	 * @since 6.2.0
+	 * @var string|null
+	 */
+	private $sought_tag_name;
+
+	/**
+	 * The CSS class name this processor currently scans for.
+	 *
+	 * @since 6.2.0
+	 * @var string|null
+	 */
+	private $sought_class_name;
+
+	/**
+	 * The match offset this processor currently scans for.
+	 *
+	 * @since 6.2.0
+	 * @var int|null
+	 */
+	private $sought_match_offset;
+
+	/**
+	 * Whether to visit tag closers, e.g. </div>, when walking an input document.
+	 *
+	 * @since 6.2.0
+	 * @var boolean
+	 */
+	private $stop_on_tag_closers;
+
+	/**
+	 * The updated HTML document.
+	 *
+	 * @since 6.2.0
+	 * @var string
+	 */
+	private $updated_html = '';
+
+	/**
+	 * How many bytes from the original HTML document were already read.
+	 *
+	 * @since 6.2.0
+	 * @var int
+	 */
+	private $parsed_bytes = 0;
+
+	/**
+	 * How many bytes from the original HTML document were already treated
+	 * with the requested replacements.
+	 *
+	 * @since 6.2.0
+	 * @var int
+	 */
+	private $updated_bytes = 0;
+
+	/**
+	 * Byte offset in input document where current tag name starts.
+	 *
+	 * Example:
+	 * ```
+	 *   <div id="test">...
+	 *   01234
+	 *    - tag name starts at 1
+	 * ```
+	 *
+	 * @since 6.2.0
+	 * @var ?int
+	 */
+	private $tag_name_starts_at;
+
+	/**
+	 * Byte length of current tag name.
+	 *
+	 * Example:
+	 * ```
+	 *   <div id="test">...
+	 *   01234
+	 *    --- tag name length is 3
+	 * ```
+	 *
+	 * @since 6.2.0
+	 * @var ?int
+	 */
+	private $tag_name_length;
+
+	/**
+	 * Byte offset in input document where current tag token ends.
+	 *
+	 * Example:
+	 * ```
+	 *   <div id="test">...
+	 *   0         1   |
+	 *   01234567890123456
+	 *    --- tag name ends at 14
+	 * ```
+	 *
+	 * @since 6.2.0
+	 * @var ?int
+	 */
+	private $tag_ends_at;
+
+	/**
+	 * Whether the current tag is an opening tag, e.g. <div>, or a closing tag, e.g. </div>.
+	 *
+	 * @var boolean
+	 */
+	private $is_closing_tag;
+
+	/**
+	 * Lazily-built index of attributes found within an HTML tag, keyed by the attribute name.
+	 *
+	 * Example:
+	 * <code>
+	 *     // supposing the parser is working through this content
+	 *     // and stops after recognizing the `id` attribute
+	 *     // <div id="test-4" class=outline title="data:text/plain;base64=asdk3nk1j3fo8">
+	 *     //                 ^ parsing will continue from this point
+	 *     $this->attributes = [
+	 *         'id' => new WP_HTML_Attribute_Match( 'id', null, 6, 17 )
+	 *     ];
+	 *
+	 *     // when picking up parsing again, or when asking to find the
+	 *     // `class` attribute we will continue and add to this array
+	 *     $this->attributes = [
+	 *         'id'    => new WP_HTML_Attribute_Match( 'id', null, 6, 17 ),
+	 *         'class' => new WP_HTML_Attribute_Match( 'class', 'outline', 18, 32 )
+	 *     ];
+	 *
+	 *     // Note that only the `class` attribute value is stored in the index.
+	 *     // That's because it is the only value used by this class at the moment.
+	 * </code>
+	 *
+	 * @since 6.2.0
+	 * @var WP_HTML_Attribute_Token[]
+	 */
+	private $attributes = array();
+
+	/**
+	 * Which class names to add or remove from a tag.
+	 *
+	 * These are tracked separately from attribute updates because they are
+	 * semantically distinct, whereas this interface exists for the common
+	 * case of adding and removing class names while other attributes are
+	 * generally modified as with DOM `setAttribute` calls.
+	 *
+	 * When modifying an HTML document these will eventually be collapsed
+	 * into a single lexical update to replace the `class` attribute.
+	 *
+	 * Example:
+	 * <code>
+	 *     // Add the `wp-block-group` class, remove the `wp-group` class.
+	 *     $classname_updates = [
+	 *         // Indexed by a comparable class name
+	 *         'wp-block-group' => WP_HTML_Tag_Processor::ADD_CLASS,
+	 *         'wp-group'       => WP_HTML_Tag_Processor::REMOVE_CLASS
+	 *     ];
+	 * </code>
+	 *
+	 * @since 6.2.0
+	 * @var bool[]
+	 */
+	private $classname_updates = array();
+
+	/**
+	 * Tracks a semantic location in the original HTML which
+	 * shifts with updates as they are applied to the document.
+	 *
+	 * @since 6.2.0
+	 * @var WP_HTML_Span[]
+	 */
+	private $bookmarks = array();
+
+	const ADD_CLASS    = true;
+	const REMOVE_CLASS = false;
+	const SKIP_CLASS   = null;
+
+	/**
+	 * Lexical replacements to apply to input HTML document.
+	 *
+	 * HTML modifications collapse into lexical replacements in order to
+	 * provide an efficient mechanism to update documents lazily and in
+	 * order to support a variety of semantic modifications without
+	 * building a complicated parsing machinery. That is, it's up to
+	 * the calling class to generate the lexical modification from the
+	 * semantic change requested.
+	 *
+	 * Example:
+	 * <code>
+	 *     // Replace an attribute stored with a new value, indices
+	 *     // sourced from the lazily-parsed HTML recognizer.
+	 *     $start = $attributes['src']->start;
+	 *     $end   = $attributes['src']->end;
+	 *     $modifications[] = new WP_HTML_Text_Replacement( $start, $end, get_the_post_thumbnail_url() );
+	 *
+	 *     // Correspondingly, something like this
+	 *     // will appear in the replacements array.
+	 *     $replacements = [
+	 *         WP_HTML_Text_Replacement( 14, 28, 'https://my-site.my-domain/wp-content/uploads/2014/08/kittens.jpg' )
+	 *     ];
+	 * </code>
+	 *
+	 * @since 6.2.0
+	 * @var WP_HTML_Text_Replacement[]
+	 */
+	private $lexical_updates = array();
+
+	/**
+	 * Tracks how many times we've performed a `seek()`
+	 * so that we can prevent accidental infinite loops.
+	 *
+	 * @see seek
+	 * @since 6.2.0
+	 * @var int
+	 */
+	private $seek_count = 0;
+
+	/**
+	 * Constructor.
+	 *
+	 * @since 6.2.0
+	 *
+	 * @param string $html HTML to process.
+	 */
+	public function __construct( $html ) {
+		$this->html = $html;
+	}
+
+	/**
+	 * Finds the next tag matching the $query.
+	 *
+	 * @since 6.2.0
+	 *
+	 * @param array|string $query {
+	 *     Which tag name to find, having which class, etc.
+	 *
+	 *     @type string|null $tag_name     Which tag to find, or `null` for "any tag."
+	 *     @type int|null    $match_offset Find the Nth tag matching all search criteria.
+	 *                                     0 for "first" tag, 2 for "third," etc.
+	 *                                     Defaults to first tag.
+	 *     @type string|null $class_name   Tag must contain this whole class name to match.
+	 * }
+	 * @return boolean Whether a tag was matched.
+	 */
+	public function next_tag( $query = null ) {
+		$this->parse_query( $query );
+		$already_found = 0;
+
+		do {
+			if ( $this->parsed_bytes >= strlen( $this->html ) ) {
+				return false;
+			}
+
+			/*
+			 * Unfortunately we can't try to search for only the tag name we want because that might
+			 * lead us to skip over other tags and lose track of our place. So we need to search for
+			 * _every_ tag and then check after we find one if it's the one we are looking for.
+			 */
+			if ( false === $this->parse_next_tag() ) {
+				$this->parsed_bytes = strlen( $this->html );
+
+				return false;
+			}
+
+			while ( $this->parse_next_attribute() ) {
+				continue;
+			}
+
+			$tag_ends_at = strpos( $this->html, '>', $this->parsed_bytes );
+			if ( false === $tag_ends_at ) {
+				return false;
+			}
+			$this->tag_ends_at  = $tag_ends_at;
+			$this->parsed_bytes = $tag_ends_at;
+
+			if ( $this->matches() ) {
+				++$already_found;
+			}
+
+			// Avoid copying the tag name string when possible.
+			$t = $this->html[ $this->tag_name_starts_at ];
+			if ( 's' === $t || 'S' === $t || 't' === $t || 'T' === $t ) {
+				$tag_name = $this->get_tag();
+
+				if ( 'SCRIPT' === $tag_name && ! $this->skip_script_data() ) {
+					$this->parsed_bytes = strlen( $this->html );
+					return false;
+				} elseif (
+					( 'TEXTAREA' === $tag_name || 'TITLE' === $tag_name ) &&
+					! $this->skip_rcdata( $tag_name )
+				) {
+					$this->parsed_bytes = strlen( $this->html );
+					return false;
+				}
+			}
+		} while ( $already_found < $this->sought_match_offset );
+
+		return true;
+	}
+
+
+	/**
+	 * Sets a bookmark in the HTML document.
+	 *
+	 * Bookmarks represent specific places or tokens in the HTML
+	 * document, such as a tag opener or closer. When applying
+	 * edits to a document, such as setting an attribute, the
+	 * text offsets of that token may shift; the bookmark is
+	 * kept updated with those shifts and remains stable unless
+	 * the entire span of text in which the token sits is removed.
+	 *
+	 * Release bookmarks when they are no longer needed.
+	 *
+	 * Example:
+	 * ```
+	 *     <main><h2>Surprising fact you may not know!</h2></main>
+	 *           ^  ^
+	 *            \-|-- this `H2` opener bookmark tracks the token
+	 *
+	 *     <main class="clickbait"><h2>Surprising fact you may no…
+	 *                             ^  ^
+	 *                              \-|-- it shifts with edits
+	 * ```
+	 *
+	 * Bookmarks provide the ability to seek to a previously-scanned
+	 * place in the HTML document. This avoids the need to re-scan
+	 * the entire thing.
+	 *
+	 * Example:
+	 * ```
+	 *     <ul><li>One</li><li>Two</li><li>Three</li></ul>
+	 *                                 ^^^^
+	 *                                 want to note this last item
+	 *
+	 *     $p = new WP_HTML_Tag_Processor( $html );
+	 *     $in_list = false;
+	 *     while ( $p->next_tag( [ 'tag_closers' => $in_list ? 'visit' : 'skip' ] ) ) {
+	 *         if ( 'UL' === $p->get_tag() ) {
+	 *             if ( $p->is_tag_closer() ) {
+	 *                 $in_list = false;
+	 *                 $p->set_bookmark( 'resume' );
+	 *                 if ( $p->seek( 'last-li' ) ) {
+	 *                     $p->add_class( 'last-li' );
+	 *                 }
+	 *                 $p->seek( 'resume' );
+	 *                 $p->release_bookmark( 'last-li' );
+	 *                 $p->release_bookmark( 'resume' );
+	 *             } else {
+	 *                 $in_list = true;
+	 *             }
+	 *         }
+	 *
+	 *         if ( 'LI' === $p->get_tag() ) {
+	 *             $p->set_bookmark( 'last-li' );
+	 *         }
+	 *     }
+	 * ```
+	 *
+	 * Because bookmarks maintain their position they don't
+	 * expose any internal offsets for the HTML document
+	 * and can't be used with normal string functions.
+	 *
+	 * Because bookmarks allocate memory and require processing
+	 * for every applied update they are limited and require
+	 * a name. They should not be created inside a loop.
+	 *
+	 * Bookmarks are a powerful tool to enable complicated behavior;
+	 * consider double-checking that you need this tool if you are
+	 * reaching for it, as inappropriate use could lead to broken
+	 * HTML structure or unwanted processing overhead.
+	 *
+	 * @param string $name Identifies this particular bookmark.
+	 * @return false|void
+	 * @throws Exception Throws on invalid bookmark name if WP_DEBUG set.
+	 */
+	public function set_bookmark( $name ) {
+		if ( null === $this->tag_name_starts_at ) {
+			return false;
+		}
+
+		if ( ! array_key_exists( $name, $this->bookmarks ) && count( $this->bookmarks ) >= self::MAX_BOOKMARKS ) {
+			if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
+				throw new Exception( "Tried to jump to a non-existent HTML bookmark {$name}." );
+			}
+			return false;
+		}
+
+		$this->bookmarks[ $name ] = new WP_HTML_Span(
+			$this->tag_name_starts_at - 1,
+			$this->tag_ends_at
+		);
+
+		return true;
+	}
+
+
+	/**
+	 * Removes a bookmark if you no longer need to use it.
+	 *
+	 * Releasing a bookmark frees up the small performance
+	 * overhead they require, mainly in the form of compute
+	 * costs when modifying the document.
+	 *
+	 * @param string $name Name of the bookmark to remove.
+	 * @return bool
+	 */
+	public function release_bookmark( $name ) {
+		if ( ! array_key_exists( $name, $this->bookmarks ) ) {
+			return false;
+		}
+
+		unset( $this->bookmarks[ $name ] );
+
+		return true;
+	}
+
+
+	/**
+	 * Skips the contents of the title and textarea tags until an appropriate
+	 * tag closer is found.
+	 *
+	 * @see https://html.spec.whatwg.org/multipage/parsing.html#rcdata-state
+	 * @param string $tag_name – the lowercase tag name which will close the RCDATA region.
+	 * @since 6.2.0
+	 */
+	private function skip_rcdata( $tag_name ) {
+		$html       = $this->html;
+		$doc_length = strlen( $html );
+		$tag_length = strlen( $tag_name );
+
+		$at = $this->parsed_bytes;
+
+		while ( false !== $at && $at < $doc_length ) {
+			$at = strpos( $this->html, '</', $at );
+
+			// If we have no possible tag closer then fail.
+			if ( false === $at || ( $at + $tag_length ) >= $doc_length ) {
+				$this->parsed_bytes = $doc_length;
+				return false;
+			}
+
+			$at += 2;
+
+			/*
+			 * We have to find a case-insensitive match to the tag name.
+			 * Note also that since tag names are limited to US-ASCII
+			 * characters we can ignore any kind of Unicode normalizing
+			 * forms when comparing. If we get a non-ASCII character it
+			 * will never be a match.
+			 */
+			for ( $i = 0; $i < $tag_length; $i++ ) {
+				$tag_char  = $tag_name[ $i ];
+				$html_char = $html[ $at + $i ];
+
+				if ( $html_char !== $tag_char && strtoupper( $html_char ) !== $tag_char ) {
+					$at += $i;
+					continue 2;
+				}
+			}
+
+			$at                += $tag_length;
+			$this->parsed_bytes = $at;
+
+			/*
+			 * Ensure we terminate the tag name, otherwise we might,
+			 * for example, accidentally match the sequence
+			 * "</textarearug>" for "</textarea>".
+			 */
+			$c = $html[ $at ];
+			if ( ' ' !== $c && "\t" !== $c && "\r" !== $c && "\n" !== $c && '/' !== $c && '>' !== $c ) {
+				continue;
+			}
+
+			while ( $this->parse_next_attribute() ) {
+				continue;
+			}
+			$at = $this->parsed_bytes;
+			if ( $at >= strlen( $this->html ) ) {
+				return false;
+			}
+
+			if ( '>' === $html[ $at ] || '/' === $html[ $at ] ) {
+				++$this->parsed_bytes;
+				return true;
+			}
+		}
+
+		return false;
+	}
+
+	/**
+	 * Skips the contents of <script> tags.
+	 *
+	 * @since 6.2.0
+	 */
+	private function skip_script_data() {
+		$state      = 'unescaped';
+		$html       = $this->html;
+		$doc_length = strlen( $html );
+		$at         = $this->parsed_bytes;
+
+		while ( false !== $at && $at < $doc_length ) {
+			$at += strcspn( $html, '-<', $at );
+
+			/*
+			 * Regardless of the state we're in, a "-->"
+			 * will break out of it and bring us back
+			 * into the normal unescaped script mode.
+			 */
+			if (
+				$at + 2 < $doc_length &&
+				'-' === $html[ $at ] &&
+				'-' === $html[ $at + 1 ] &&
+				'>' === $html[ $at + 2 ]
+			) {
+				$at   += 3;
+				$state = 'unescaped';
+				continue;
+			}
+
+			// Everything past here has to start with "<".
+			if ( $at + 1 >= $doc_length || '<' !== $html[ $at++ ] ) {
+				continue;
+			}
+
+			/*
+			 * On the other hand, "<!--" only enters the
+			 * escaped mode if we aren't already there.
+			 *
+			 * Inside the escaped modes it's ignored and
+			 * shouldn't ever pull us out of double-escaped
+			 * and back into escaped.
+			 *
+			 * We'll continue parsing past it regardless of
+			 * our state though to avoid backtracking once
+			 * we recognize the snippet.
+			 */
+			if (
+				$at + 2 < $doc_length &&
+				'!' === $html[ $at ] &&
+				'-' === $html[ $at + 1 ] &&
+				'-' === $html[ $at + 2 ]
+			) {
+				$at   += 3;
+				$state = 'unescaped' === $state ? 'escaped' : $state;
+				continue;
+			}
+
+			if ( '/' === $html[ $at ] ) {
+				$is_closing = true;
+				++$at;
+			} else {
+				$is_closing = false;
+			}
+
+			/*
+			 * At this point we're only examining state-changes based off of
+			 * the <script> or </script> tags, so if we're not seeing the
+			 * start of one of these tokens we can proceed to the next
+			 * potential match in the text.
+			 */
+			if ( ! (
+				$at + 6 < $doc_length &&
+				( 's' === $html[ $at ] || 'S' === $html[ $at ] ) &&
+				( 'c' === $html[ $at + 1 ] || 'C' === $html[ $at + 1 ] ) &&
+				( 'r' === $html[ $at + 2 ] || 'R' === $html[ $at + 2 ] ) &&
+				( 'i' === $html[ $at + 3 ] || 'I' === $html[ $at + 3 ] ) &&
+				( 'p' === $html[ $at + 4 ] || 'P' === $html[ $at + 4 ] ) &&
+				( 't' === $html[ $at + 5 ] || 'T' === $html[ $at + 5 ] )
+			) ) {
+				++$at;
+				continue;
+			}
+
+			/*
+			 * We also have to make sure we terminate the script tag opener/closer
+			 * to avoid making partial matches on strings like `<script123`.
+			 */
+			if ( $at + 6 >= $doc_length ) {
+				continue;
+			}
+			$at += 6;
+			$c   = $html[ $at ];
+			if ( ' ' !== $c && "\t" !== $c && "\r" !== $c && "\n" !== $c && '/' !== $c && '>' !== $c ) {
+				++$at;
+				continue;
+			}
+
+			if ( 'escaped' === $state && ! $is_closing ) {
+				$state = 'double-escaped';
+				continue;
+			}
+
+			if ( 'double-escaped' === $state && $is_closing ) {
+				$state = 'escaped';
+				continue;
+			}
+
+			if ( $is_closing ) {
+				$this->parsed_bytes = $at;
+				if ( $this->parsed_bytes >= $doc_length ) {
+					return false;
+				}
+
+				while ( $this->parse_next_attribute() ) {
+					continue;
+				}
+
+				if ( '>' === $html[ $this->parsed_bytes ] ) {
+					++$this->parsed_bytes;
+					return true;
+				}
+			}
+
+			++$at;
+		}
+
+		return false;
+	}
+
+	/**
+	 * Parses the next tag.
+	 *
+	 * @since 6.2.0
+	 */
+	private function parse_next_tag() {
+		$this->after_tag();
+
+		$html       = $this->html;
+		$doc_length = strlen( $html );
+		$at         = $this->parsed_bytes;
+
+		while ( false !== $at && $at < $doc_length ) {
+			$at = strpos( $html, '<', $at );
+			if ( false === $at ) {
+				return false;
+			}
+
+			if ( '/' === $this->html[ $at + 1 ] ) {
+				$this->is_closing_tag = true;
+				$at++;
+			} else {
+				$this->is_closing_tag = false;
+			}
+
+			/*
+			 * HTML tag names must start with [a-zA-Z] otherwise they are not tags.
+			 * For example, "<3" is rendered as text, not a tag opener. This means
+			 * if we have at least one letter following the "<" then we _do_ have
+			 * a tag opener and can process it as such. This is more common than
+			 * HTML comments, DOCTYPE tags, and other structure starting with "<"
+			 * so it's good to check first for the presence of the tag.
+			 *
+			 * Reference:
+			 * * https://html.spec.whatwg.org/multipage/parsing.html#data-state
+			 * * https://html.spec.whatwg.org/multipage/parsing.html#tag-open-state
+			 */
+			$tag_name_prefix_length = strspn( $html, 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', $at + 1 );
+			if ( $tag_name_prefix_length > 0 ) {
+				++$at;
+				$this->tag_name_length    = $tag_name_prefix_length + strcspn( $html, " \t\f\r\n/>", $at + $tag_name_prefix_length );
+				$this->tag_name_starts_at = $at;
+				$this->parsed_bytes       = $at + $this->tag_name_length;
+				return true;
+			}
+
+			// If we didn't find a tag opener, and we can't be
+			// transitioning into different markup states, then
+			// we can abort because there aren't any more tags.
+			if ( $at + 1 >= strlen( $html ) ) {
+				return false;
+			}
+
+			// <! transitions to markup declaration open state
+			// https://html.spec.whatwg.org/multipage/parsing.html#markup-declaration-open-state
+			if ( '!' === $html[ $at + 1 ] ) {
+				// <!-- transitions to a bogus comment state – we can skip to the nearest -->
+				// https://html.spec.whatwg.org/multipage/parsing.html#tag-open-state
+				if (
+					strlen( $html ) > $at + 3 &&
+					'-' === $html[ $at + 2 ] &&
+					'-' === $html[ $at + 3 ]
+				) {
+					$closer_at = strpos( $html, '-->', $at + 4 );
+					if ( false === $closer_at ) {
+						return false;
+					}
+
+					$at = $closer_at + 3;
+					continue;
+				}
+
+				// <![CDATA[ transitions to CDATA section state – we can skip to the nearest ]]>
+				// The CDATA is case-sensitive.
+				// https://html.spec.whatwg.org/multipage/parsing.html#tag-open-state
+				if (
+					strlen( $html ) > $at + 8 &&
+					'[' === $html[ $at + 2 ] &&
+					'C' === $html[ $at + 3 ] &&
+					'D' === $html[ $at + 4 ] &&
+					'A' === $html[ $at + 5 ] &&
+					'T' === $html[ $at + 6 ] &&
+					'A' === $html[ $at + 7 ] &&
+					'[' === $html[ $at + 8 ]
+				) {
+					$closer_at = strpos( $html, ']]>', $at + 9 );
+					if ( false === $closer_at ) {
+						return false;
+					}
+
+					$at = $closer_at + 3;
+					continue;
+				}
+
+				/*
+				 * <!DOCTYPE transitions to DOCTYPE state – we can skip to the nearest >
+				 * These are ASCII-case-insensitive.
+				 * https://html.spec.whatwg.org/multipage/parsing.html#tag-open-state
+				 */
+				if (
+					strlen( $html ) > $at + 8 &&
+					'D' === strtoupper( $html[ $at + 2 ] ) &&
+					'O' === strtoupper( $html[ $at + 3 ] ) &&
+					'C' === strtoupper( $html[ $at + 4 ] ) &&
+					'T' === strtoupper( $html[ $at + 5 ] ) &&
+					'Y' === strtoupper( $html[ $at + 6 ] ) &&
+					'P' === strtoupper( $html[ $at + 7 ] ) &&
+					'E' === strtoupper( $html[ $at + 8 ] )
+				) {
+					$closer_at = strpos( $html, '>', $at + 9 );
+					if ( false === $closer_at ) {
+						return false;
+					}
+
+					$at = $closer_at + 1;
+					continue;
+				}
+
+				/*
+				 * Anything else here is an incorrectly-opened comment and transitions
+				 * to the bogus comment state - we can skip to the nearest >.
+				 */
+				$at = strpos( $html, '>', $at + 1 );
+				continue;
+			}
+
+			/*
+			 * <? transitions to a bogus comment state – we can skip to the nearest >
+			 * https://html.spec.whatwg.org/multipage/parsing.html#tag-open-state
+			 */
+			if ( '?' === $html[ $at + 1 ] ) {
+				$closer_at = strpos( $html, '>', $at + 2 );
+				if ( false === $closer_at ) {
+					return false;
+				}
+
+				$at = $closer_at + 1;
+				continue;
+			}
+
+			++$at;
+		}
+
+		return false;
+	}
+
+	/**
+	 * Parses the next attribute.
+	 *
+	 * @since 6.2.0
+	 */
+	private function parse_next_attribute() {
+		// Skip whitespace and slashes.
+		$this->parsed_bytes += strspn( $this->html, " \t\f\r\n/", $this->parsed_bytes );
+		if ( $this->parsed_bytes >= strlen( $this->html ) ) {
+			return false;
+		}
+
+		/*
+		 * Treat the equal sign ("=") as a part of the attribute name if it is the
+		 * first encountered byte:
+		 * https://html.spec.whatwg.org/multipage/parsing.html#before-attribute-name-state
+		 */
+		$name_length = '=' === $this->html[ $this->parsed_bytes ]
+			? 1 + strcspn( $this->html, "=/> \t\f\r\n", $this->parsed_bytes + 1 )
+			: strcspn( $this->html, "=/> \t\f\r\n", $this->parsed_bytes );
+
+		// No attribute, just tag closer.
+		if ( 0 === $name_length || $this->parsed_bytes + $name_length >= strlen( $this->html ) ) {
+			return false;
+		}
+
+		$attribute_start     = $this->parsed_bytes;
+		$attribute_name      = substr( $this->html, $attribute_start, $name_length );
+		$this->parsed_bytes += $name_length;
+		if ( $this->parsed_bytes >= strlen( $this->html ) ) {
+			return false;
+		}
+
+		$this->skip_whitespace();
+		if ( $this->parsed_bytes >= strlen( $this->html ) ) {
+			return false;
+		}
+
+		$has_value = '=' === $this->html[ $this->parsed_bytes ];
+		if ( $has_value ) {
+			++$this->parsed_bytes;
+			$this->skip_whitespace();
+			if ( $this->parsed_bytes >= strlen( $this->html ) ) {
+				return false;
+			}
+
+			switch ( $this->html[ $this->parsed_bytes ] ) {
+				case "'":
+				case '"':
+					$quote              = $this->html[ $this->parsed_bytes ];
+					$value_start        = $this->parsed_bytes + 1;
+					$value_length       = strcspn( $this->html, $quote, $value_start );
+					$attribute_end      = $value_start + $value_length + 1;
+					$this->parsed_bytes = $attribute_end;
+					break;
+
+				default:
+					$value_start        = $this->parsed_bytes;
+					$value_length       = strcspn( $this->html, "> \t\f\r\n", $value_start );
+					$attribute_end      = $value_start + $value_length;
+					$this->parsed_bytes = $attribute_end;
+			}
+		} else {
+			$value_start   = $this->parsed_bytes;
+			$value_length  = 0;
+			$attribute_end = $attribute_start + $name_length;
+		}
+
+		if ( $attribute_end >= strlen( $this->html ) ) {
+			return false;
+		}
+
+		if ( $this->is_closing_tag ) {
+			return true;
+		}
+
+		/*
+		 * > There must never be two or more attributes on
+		 * > the same start tag whose names are an ASCII
+		 * > case-insensitive match for each other.
+		 *     - HTML 5 spec
+		 *
+		 * @see https://html.spec.whatwg.org/multipage/syntax.html#attributes-2:ascii-case-insensitive
+		 */
+		$comparable_name = strtolower( $attribute_name );
+
+		// If an attribute is listed many times, only use the first declaration and ignore the rest.
+		if ( ! array_key_exists( $comparable_name, $this->attributes ) ) {
+			$this->attributes[ $comparable_name ] = new WP_HTML_Attribute_Token(
+				$attribute_name,
+				$value_start,
+				$value_length,
+				$attribute_start,
+				$attribute_end,
+				! $has_value
+			);
+		}
+
+		return $this->attributes[ $comparable_name ];
+	}
+
+	/**
+	 * Move the pointer past any immediate successive whitespace.
+	 *
+	 * @since 6.2.0
+	 *
+	 * @return void
+	 */
+	private function skip_whitespace() {
+		$this->parsed_bytes += strspn( $this->html, " \t\f\r\n", $this->parsed_bytes );
+	}
+
+	/**
+	 * Applies attribute updates and cleans up once a tag is fully parsed.
+	 *
+	 * @since 6.2.0
+	 *
+	 * @return void
+	 */
+	private function after_tag() {
+		$this->class_name_updates_to_attributes_updates();
+		$this->apply_attributes_updates();
+		$this->tag_name_starts_at = null;
+		$this->tag_name_length    = null;
+		$this->tag_ends_at        = null;
+		$this->is_closing_tag     = null;
+		$this->attributes         = array();
+	}
+
+	/**
+	 * Converts class name updates into tag attributes updates
+	 * (they are accumulated in different data formats for performance).
+	 *
+	 * @return void
+	 * @since 6.2.0
+	 *
+	 * @see $classname_updates
+	 * @see $lexical_updates
+	 */
+	private function class_name_updates_to_attributes_updates() {
+		if ( count( $this->classname_updates ) === 0 ) {
+			return;
+		}
+
+		$existing_class = $this->get_enqueued_attribute_value( 'class' );
+		if ( null === $existing_class || true === $existing_class ) {
+			$existing_class = '';
+		}
+
+		if ( false === $existing_class && isset( $this->attributes['class'] ) ) {
+			$existing_class = substr(
+				$this->html,
+				$this->attributes['class']->value_starts_at,
+				$this->attributes['class']->value_length
+			);
+		}
+
+		if ( false === $existing_class ) {
+			$existing_class = '';
+		}
+
+		/**
+		 * Updated "class" attribute value.
+		 *
+		 * This is incrementally built as we scan through the existing class
+		 * attribute, omitting removed classes as we do so, and then appending
+		 * added classes at the end. Only when we're done processing will the
+		 * value contain the final new value.
+
+		 * @var string
+		 */
+		$class = '';
+
+		/**
+		 * Tracks the cursor position in the existing class
+		 * attribute value where we're currently parsing.
+		 *
+		 * @var integer
+		 */
+		$at = 0;
+
+		/**
+		 * Indicates if we have made any actual modifications to the existing
+		 * class attribute value, used to short-circuit string copying.
+		 *
+		 * It's possible that we are intending to remove certain classes and
+		 * add others in such a way that we don't modify the existing value
+		 * because calls to `add_class()` and `remove_class()` occur
+		 * independent of the input values sent to the WP_HTML_Tag_Processor. That is, we
+		 * might call `remove_class()` for a class that isn't already present
+		 * and we might call `add_class()` for one that is, in which case we
+		 * wouldn't need to break apart the string and rebuild it.
+		 *
+		 * This flag is set upon the first change that requires a string update.
+		 *
+		 * @var boolean
+		 */
+		$modified = false;
+
+		// Remove unwanted classes by only copying the new ones.
+		$existing_class_length = strlen( $existing_class );
+		while ( $at < $existing_class_length ) {
+			// Skip to the first non-whitespace character.
+			$ws_at     = $at;
+			$ws_length = strspn( $existing_class, " \t\f\r\n", $ws_at );
+			$at       += $ws_length;
+
+			// Capture the class name – it's everything until the next whitespace.
+			$name_length = strcspn( $existing_class, " \t\f\r\n", $at );
+			if ( 0 === $name_length ) {
+				// We're done, no more class names.
+				break;
+			}
+
+			$name = substr( $existing_class, $at, $name_length );
+			$at  += $name_length;
+
+			// If this class is marked for removal, start processing the next one.
+			$remove_class = (
+				isset( $this->classname_updates[ $name ] ) &&
+				self::REMOVE_CLASS === $this->classname_updates[ $name ]
+			);
+
+			// Once we've seen a class, we should never add it again.
+			if ( ! $remove_class ) {
+				$this->classname_updates[ $name ] = self::SKIP_CLASS;
+			}
+
+			if ( $remove_class ) {
+				$modified = true;
+				continue;
+			}
+
+			/*
+			 * Otherwise, append it to the new "class" attribute value.
+			 *
+			 * By preserving the existing whitespace instead of only adding a single
+			 * space (which is a valid transformation we can make) we'll introduce
+			 * fewer changes to the HTML content and hopefully make comparing
+			 * before/after easier for people trying to debug the modified output.
+			 */
+			$class .= substr( $existing_class, $ws_at, $ws_length );
+			$class .= $name;
+		}
+
+		// Add new classes by appending the ones we haven't already seen.
+		foreach ( $this->classname_updates as $name => $operation ) {
+			if ( self::ADD_CLASS === $operation ) {
+				$modified = true;
+
+				$class .= strlen( $class ) > 0 ? ' ' : '';
+				$class .= $name;
+			}
+		}
+
+		$this->classname_updates = array();
+		if ( ! $modified ) {
+			return;
+		}
+
+		if ( strlen( $class ) > 0 ) {
+			$this->set_attribute( 'class', $class );
+		} else {
+			$this->remove_attribute( 'class' );
+		}
+	}
+
+	/**
+	 * Applies updates to attributes.
+	 *
+	 * @since 6.2.0
+	 */
+	private function apply_attributes_updates() {
+		if ( ! count( $this->lexical_updates ) ) {
+			return;
+		}
+
+		/*
+		 * Attribute updates can be enqueued in any order but as we
+		 * progress through the document to replace them we have to
+		 * make our replacements in the order in which they are found
+		 * in that document.
+		 *
+		 * Sorting the updates ensures we don't make our replacements
+		 * out of order, which could otherwise lead to mangled output,
+		 * partially-duplicate attributes, and overwritten attributes.
+		 */
+		usort( $this->lexical_updates, array( self::class, 'sort_start_ascending' ) );
+
+		foreach ( $this->lexical_updates as $diff ) {
+			$this->updated_html .= substr( $this->html, $this->updated_bytes, $diff->start - $this->updated_bytes );
+			$this->updated_html .= $diff->text;
+			$this->updated_bytes = $diff->end;
+		}
+
+		foreach ( $this->bookmarks as $bookmark ) {
+			/*
+			 * As we loop through $this->lexical_updates, we keep comparing
+			 * $bookmark->start and $bookmark->end to $diff->start. We can't
+			 * change it and still expect the correct result, so let's accumulate
+			 * the deltas separately and apply them all at once after the loop.
+			 */
+			$head_delta = 0;
+			$tail_delta = 0;
+
+			foreach ( $this->lexical_updates as $diff ) {
+				$update_head = $bookmark->start >= $diff->start;
+				$update_tail = $bookmark->end >= $diff->start;
+
+				if ( ! $update_head && ! $update_tail ) {
+					break;
+				}
+
+				$delta = strlen( $diff->text ) - ( $diff->end - $diff->start );
+
+				if ( $update_head ) {
+					$head_delta += $delta;
+				}
+
+				if ( $update_tail ) {
+					$tail_delta += $delta;
+				}
+			}
+
+			$bookmark->start += $head_delta;
+			$bookmark->end   += $tail_delta;
+		}
+
+		$this->lexical_updates = array();
+	}
+
+	/**
+	 * Move the current pointer in the Tag Processor to a given bookmark's location.
+	 *
+	 * In order to prevent accidental infinite loops, there's a
+	 * maximum limit on the number of times seek() can be called.
+	 *
+	 * @param string $bookmark_name Jump to the place in the document identified by this bookmark name.
+	 * @return bool
+	 * @throws Exception Throws on invalid bookmark name if WP_DEBUG set.
+	 */
+	public function seek( $bookmark_name ) {
+		if ( ! array_key_exists( $bookmark_name, $this->bookmarks ) ) {
+			if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
+				throw new Exception( 'Invalid bookmark name' );
+			}
+			return false;
+		}
+
+		if ( ++$this->seek_count > self::MAX_SEEK_OPS ) {
+			if ( defined( 'WP_DEBUG' ) && WP_DEBUG ) {
+				throw new Exception( 'Too many calls to seek() - this can lead to performance issues.' );
+			}
+			return false;
+		}
+
+		// Flush out any pending updates to the document.
+		$this->get_updated_html();
+
+		// Point this tag processor before the sought tag opener and consume it.
+		$this->parsed_bytes  = $this->bookmarks[ $bookmark_name ]->start;
+		$this->updated_bytes = $this->parsed_bytes;
+		$this->updated_html  = substr( $this->html, 0, $this->updated_bytes );
+		return $this->next_tag();
+	}
+
+	/**
+	 * Compare two WP_HTML_Text_Replacement objects.
+	 *
+	 * @since 6.2.0
+	 *
+	 * @param WP_HTML_Text_Replacement $a First attribute update.
+	 * @param WP_HTML_Text_Replacement $b Second attribute update.
+	 * @return integer
+	 */
+	private static function sort_start_ascending( $a, $b ) {
+		$by_start = $a->start - $b->start;
+		if ( 0 !== $by_start ) {
+			return $by_start;
+		}
+
+		$by_text = isset( $a->text, $b->text ) ? strcmp( $a->text, $b->text ) : 0;
+		if ( 0 !== $by_text ) {
+			return $by_text;
+		}
+
+		/*
+		 * We shouldn't ever get here because it would imply
+		 * that we have two identical updates, or that we're
+		 * trying to replace the same input text twice. Still
+		 * we'll handle this sort to preserve determinism,
+		 * which might come in handy when debugging.
+		 */
+		return $a->end - $b->end;
+	}
+
+	/**
+	 * Return the enqueued value for a given attribute, if one exists.
+	 *
+	 * Enqueued updates can take different data types:
+	 *  - If an update is enqueued and is boolean, the return will be `true`
+	 *  - If an update is otherwise enqueued, the return will be the string value of that update.
+	 *  - If an attribute is enqueued to be removed, the return will be `null` to indicate that.
+	 *  - If no updates are enqueued, the return will be `false` to differentiate from "removed."
+	 *
+	 * @since 6.2.0
+	 *
+	 * @param string $comparable_name The attribute name in its comparable form.
+	 * @return string|boolean|null Value of enqueued update if present, otherwise false.
+	 */
+	private function get_enqueued_attribute_value( $comparable_name ) {
+		if ( ! isset( $this->lexical_updates[ $comparable_name ] ) ) {
+			return false;
+		}
+
+		$enqueued_text = $this->lexical_updates[ $comparable_name ]->text;
+
+		// Removed attributes erase the entire span.
+		if ( '' === $enqueued_text ) {
+			return null;
+		}
+
+		/*
+		 * Boolean attribute updates are just the attribute name without a corresponding value.
+		 *
+		 * This value might differ from the given comparable name in that there could be leading
+		 * or trailing whitespace, and that the casing follows the name given in `set_attribute`.
+		 *
+		 * Example:
+		 * ```
+		 *     $p->set_attribute( 'data-TEST-id', 'update' );
+		 *     'update' === $p->get_enqueued_attribute_value( 'data-test-id' );
+		 * ```
+		 *
+		 * Here we detect this based on the absence of the `=`, which _must_ exist in any
+		 * attribute containing a value, e.g. `<input type="text" enabled />`.
+		 *                                            ¹           ²
+		 *                                       1. Attribute with a string value.
+		 *                                       2. Boolean attribute whose value is `true`.
+		 */
+		$equals_at = strpos( $enqueued_text, '=' );
+		if ( false === $equals_at ) {
+			return true;
+		}
+
+		/*
+		 * Finally, a normal update's value will appear after the `=` and
+		 * be double-quoted, as performed incidentally by `set_attribute`.
+		 *
+		 * e.g. `type="text"`
+		 *           ¹²    ³
+		 *        1. Equals is here.
+		 *        2. Double-quoting starts one after the equals sign.
+		 *        3. Double-quoting ends at the last character in the update.
+		 */
+		$enqueued_value = substr( $enqueued_text, $equals_at + 2, -1 );
+		return html_entity_decode( $enqueued_value );
+	}
+
+	/**
+	 * Returns the value of the parsed attribute in the currently-opened tag.
+	 *
+	 * Example:
+	 * <code>
+	 *     $p = new WP_HTML_Tag_Processor( '<div enabled class="test" data-test-id="14">Test</div>' );
+	 *     $p->next_tag( [ 'class_name' => 'test' ] ) === true;
+	 *     $p->get_attribute( 'data-test-id' ) === '14';
+	 *     $p->get_attribute( 'enabled' ) === true;
+	 *     $p->get_attribute( 'aria-label' ) === null;
+	 *
+	 *     $p->next_tag( [] ) === false;
+	 *     $p->get_attribute( 'class' ) === null;
+	 * </code>
+	 *
+	 * @since 6.2.0
+	 *
+	 * @param string $name Name of attribute whose value is requested.
+	 * @return string|true|null Value of attribute or `null` if not available.
+	 *                          Boolean attributes return `true`.
+	 */
+	public function get_attribute( $name ) {
+		if ( null === $this->tag_name_starts_at ) {
+			return null;
+		}
+
+		$comparable = strtolower( $name );
+
+		/*
+		 * For every attribute other than `class` we can perform a quick check if there's an
+		 * enqueued lexical update whose value we should prefer over what's in the input HTML.
+		 *
+		 * The `class` attribute is special though because we expose the helpers `add_class`
+		 * and `remove_class` which form a builder for the `class` attribute, so we have to
+		 * additionally check if there are any enqueued class changes. If there are, we need
+		 * to first flush them out so can report the full string value of the attribute.
+		 */
+		if ( 'class' === $name ) {
+			$this->class_name_updates_to_attributes_updates();
+		}
+
+		// If we have an update for this attribute, return the updated value.
+		$enqueued_value = $this->get_enqueued_attribute_value( $comparable );
+		if ( false !== $enqueued_value ) {
+			return $enqueued_value;
+		}
+
+		if ( ! isset( $this->attributes[ $comparable ] ) ) {
+			return null;
+		}
+
+		$attribute = $this->attributes[ $comparable ];
+
+		/*
+		 * This flag distinguishes an attribute with no value
+		 * from an attribute with an empty string value. For
+		 * unquoted attributes this could look very similar.
+		 * It refers to whether an `=` follows the name.
+		 *
+		 * e.g. <div boolean-attribute empty-attribute=></div>
+		 *           ¹                 ²
+		 *        1. Attribute `boolean-attribute` is `true`.
+		 *        2. Attribute `empty-attribute` is `""`.
+		 */
+		if ( true === $attribute->is_true ) {
+			return true;
+		}
+
+		$raw_value = substr( $this->html, $attribute->value_starts_at, $attribute->value_length );
+
+		return html_entity_decode( $raw_value );
+	}
+
+	/**
+	 * Returns the lowercase names of all attributes matching a given prefix in the currently-opened tag.
+	 *
+	 * Note that matching is case-insensitive. This is in accordance with the spec:
+	 *
+	 * > There must never be two or more attributes on
+	 * > the same start tag whose names are an ASCII
+	 * > case-insensitive match for each other.
+	 *     - HTML 5 spec
+	 *
+	 * @see https://html.spec.whatwg.org/multipage/syntax.html#attributes-2:ascii-case-insensitive
+	 *
+	 * Example:
+	 * <code>
+	 *     $p = new WP_HTML_Tag_Processor( '<div data-ENABLED class="test" DATA-test-id="14">Test</div>' );
+	 *     $p->next_tag( [ 'class_name' => 'test' ] ) === true;
+	 *     $p->get_attribute_names_with_prefix( 'data-' ) === array( 'data-enabled', 'data-test-id' );
+	 *
+	 *     $p->next_tag( [] ) === false;
+	 *     $p->get_attribute_names_with_prefix( 'data-' ) === null;
+	 * </code>
+	 *
+	 * @since 6.2.0
+	 *
+	 * @param string $prefix Prefix of requested attribute names.
+	 * @return array|null List of attribute names, or `null` if not at a tag.
+	 */
+	function get_attribute_names_with_prefix( $prefix ) {
+		if ( $this->is_closing_tag || null === $this->tag_name_starts_at ) {
+			return null;
+		}
+
+		$comparable = strtolower( $prefix );
+
+		$matches = array();
+		foreach ( array_keys( $this->attributes ) as $attr_name ) {
+			if ( str_starts_with( $attr_name, $comparable ) ) {
+				$matches[] = $attr_name;
+			}
+		}
+		return $matches;
+	}
+
+	/**
+	 * Returns the lowercase name of the currently-opened tag.
+	 *
+	 * Example:
+	 * <code>
+	 *     $p = new WP_HTML_Tag_Processor( '<DIV CLASS="test">Test</DIV>' );
+	 *     $p->next_tag( [] ) === true;
+	 *     $p->get_tag() === 'DIV';
+	 *
+	 *     $p->next_tag( [] ) === false;
+	 *     $p->get_tag() === null;
+	 * </code>
+	 *
+	 * @since 6.2.0
+	 *
+	 * @return string|null Name of current tag in input HTML, or `null` if none currently open.
+	 */
+	public function get_tag() {
+		if ( null === $this->tag_name_starts_at ) {
+			return null;
+		}
+
+		$tag_name = substr( $this->html, $this->tag_name_starts_at, $this->tag_name_length );
+
+		return strtoupper( $tag_name );
+	}
+
+	/**
+	 * Indicates if the current tag token is a tag closer.
+	 *
+	 * Example:
+	 * <code>
+	 *     $p = new WP_HTML_Tag_Processor( '<div></div>' );
+	 *     $p->next_tag( [ 'tag_name' => 'div', 'tag_closers' => 'visit' ] );
+	 *     $p->is_tag_closer() === false;
+	 *
+	 *     $p->next_tag( [ 'tag_name' => 'div', 'tag_closers' => 'visit' ] );
+	 *     $p->is_tag_closer() === true;
+	 * </code>
+	 *
+	 * @return bool
+	 */
+	public function is_tag_closer() {
+		return $this->is_closing_tag;
+	}
+
+	/**
+	 * Updates or creates a new attribute on the currently matched tag with the value passed.
+	 *
+	 * For boolean attributes special handling is provided:
+	 *  - When `true` is passed as the value, then only the attribute name is added to the tag.
+	 *  - When `false` is passed, the attribute gets removed if it existed before.
+	 *
+	 * For string attributes, the value is escaped using the `esc_attr` function.
+	 *
+	 * @since 6.2.0
+	 *
+	 * @param string         $name  The attribute name to target.
+	 * @param string|boolean $value The new attribute value.
+	 * @throws Exception When WP_DEBUG is true and the attribute name is invalid.
+	 */
+	public function set_attribute( $name, $value ) {
+		if ( $this->is_closing_tag || null === $this->tag_name_starts_at ) {
+			return false;
+		}
+
+		/*
+		 * Verify that the attribute name is allowable. In WP_DEBUG
+		 * environments we want to crash quickly to alert developers
+		 * of typos and issues; but in production we don't want to
+		 * interrupt a normal page view, so we'll silently avoid
+		 * updating the attribute in those cases.
+		 *
+		 * Of note, we're disallowing more characters than are strictly
+		 * forbidden in HTML5. This is to prevent additional security
+		 * risks deeper in the WordPress and plugin stack. Specifically
+		 * we reject the less-than (<) greater-than (>) and ampersand (&).
+		 *
+		 * The use of a PCRE match allows us to look for specific Unicode
+		 * code points without writing a UTF-8 decoder. Whereas scanning
+		 * for one-byte characters is trivial (with `strcspn`), scanning
+		 * for the longer byte sequences would be more complicated, and
+		 * this shouldn't be in the hot path for execution so we can
+		 * compromise on the efficiency at this point.
+		 *
+		 * @see https://html.spec.whatwg.org/#attributes-2
+		 */
+		if ( preg_match(
+			'~[' .
+				// Syntax-like characters.
+				'"\'>&</ =' .
+				// Control characters.
+				'\x{00}-\x{1F}' .
+				// HTML noncharacters.
+				'\x{FDD0}-\x{FDEF}' .
+				'\x{FFFE}\x{FFFF}\x{1FFFE}\x{1FFFF}\x{2FFFE}\x{2FFFF}\x{3FFFE}\x{3FFFF}' .
+				'\x{4FFFE}\x{4FFFF}\x{5FFFE}\x{5FFFF}\x{6FFFE}\x{6FFFF}\x{7FFFE}\x{7FFFF}' .
+				'\x{8FFFE}\x{8FFFF}\x{9FFFE}\x{9FFFF}\x{AFFFE}\x{AFFFF}\x{BFFFE}\x{BFFFF}' .
+				'\x{CFFFE}\x{CFFFF}\x{DFFFE}\x{DFFFF}\x{EFFFE}\x{EFFFF}\x{FFFFE}\x{FFFFF}' .
+				'\x{10FFFE}\x{10FFFF}' .
+			']~Ssu',
+			$name
+		) ) {
+			if ( WP_DEBUG ) {
+				throw new Exception( 'Invalid attribute name' );
+			}
+
+			return;
+		}
+
+		/*
+		 * > The values "true" and "false" are not allowed on boolean attributes.
+		 * > To represent a false value, the attribute has to be omitted altogether.
+		 *     - HTML5 spec, https://html.spec.whatwg.org/#boolean-attributes
+		 */
+		if ( false === $value ) {
+			$this->remove_attribute( $name );
+			return;
+		}
+
+		if ( true === $value ) {
+			$updated_attribute = $name;
+		} else {
+			$escaped_new_value = esc_attr( $value );
+			$updated_attribute = "{$name}=\"{$escaped_new_value}\"";
+		}
+
+		/*
+		 * > There must never be two or more attributes on
+		 * > the same start tag whose names are an ASCII
+		 * > case-insensitive match for each other.
+		 *     - HTML 5 spec
+		 *
+		 * @see https://html.spec.whatwg.org/multipage/syntax.html#attributes-2:ascii-case-insensitive
+		 */
+		$comparable_name = strtolower( $name );
+
+		if ( isset( $this->attributes[ $comparable_name ] ) ) {
+			/*
+			 * Update an existing attribute.
+			 *
+			 * Example – set attribute id to "new" in <div id="initial_id" />:
+			 *    <div id="initial_id"/>
+			 *         ^-------------^
+			 *         start         end
+			 *    replacement: `id="new"`
+			 *
+			 *    Result: <div id="new"/>
+			 */
+			$existing_attribute             = $this->attributes[ $comparable_name ];
+			$this->lexical_updates[ $name ] = new WP_HTML_Text_Replacement(
+				$existing_attribute->start,
+				$existing_attribute->end,
+				$updated_attribute
+			);
+		} else {
+			/*
+			 * Create a new attribute at the tag's name end.
+			 *
+			 * Example – add attribute id="new" to <div />:
+			 *    <div/>
+			 *        ^
+			 *        start and end
+			 *    replacement: ` id="new"`
+			 *
+			 *    Result: <div id="new"/>
+			 */
+			$this->lexical_updates[ $comparable_name ] = new WP_HTML_Text_Replacement(
+				$this->tag_name_starts_at + $this->tag_name_length,
+				$this->tag_name_starts_at + $this->tag_name_length,
+				' ' . $updated_attribute
+			);
+		}
+
+		/*
+		 * Any calls to update the `class` attribute directly should wipe out any
+		 * enqueued class changes from `add_class` and `remove_class`.
+		 */
+		if ( 'class' === $comparable_name && ! empty( $this->classname_updates ) ) {
+			$this->classname_updates = array();
+		}
+	}
+
+	/**
+	 * Removes an attribute of the currently matched tag.
+	 *
+	 * @since 6.2.0
+	 *
+	 * @param string $name The attribute name to remove.
+	 */
+	public function remove_attribute( $name ) {
+		if ( $this->is_closing_tag ) {
+			return false;
+		}
+
+		/*
+		 * > There must never be two or more attributes on
+		 * > the same start tag whose names are an ASCII
+		 * > case-insensitive match for each other.
+		 *     - HTML 5 spec
+		 *
+		 * @see https://html.spec.whatwg.org/multipage/syntax.html#attributes-2:ascii-case-insensitive
+		 */
+		$name = strtolower( $name );
+
+		/*
+		 * Any calls to update the `class` attribute directly should wipe out any
+		 * enqueued class changes from `add_class` and `remove_class`.
+		 */
+		if ( 'class' === $name && count( $this->classname_updates ) !== 0 ) {
+			$this->classname_updates = array();
+		}
+
+		// If we updated an attribute we didn't originally have, remove the enqueued update and move on.
+		if ( ! isset( $this->attributes[ $name ] ) ) {
+			if ( isset( $this->lexical_updates[ $name ] ) ) {
+				unset( $this->lexical_updates[ $name ] );
+			}
+			return false;
+		}
+
+		/*
+		 * Removes an existing tag attribute.
+		 *
+		 * Example – remove the attribute id from <div id="main"/>:
+		 *    <div id="initial_id"/>
+		 *         ^-------------^
+		 *         start         end
+		 *    replacement: ``
+		 *
+		 *    Result: <div />
+		 */
+		$this->lexical_updates[ $name ] = new WP_HTML_Text_Replacement(
+			$this->attributes[ $name ]->start,
+			$this->attributes[ $name ]->end,
+			''
+		);
+	}
+
+	/**
+	 * Adds a new class name to the currently matched tag.
+	 *
+	 * @since 6.2.0
+	 *
+	 * @param string $class_name The class name to add.
+	 */
+	public function add_class( $class_name ) {
+		if ( $this->is_closing_tag ) {
+			return false;
+		}
+
+		if ( null !== $this->tag_name_starts_at ) {
+			$this->classname_updates[ $class_name ] = self::ADD_CLASS;
+		}
+	}
+
+	/**
+	 * Removes a class name from the currently matched tag.
+	 *
+	 * @since 6.2.0
+	 *
+	 * @param string $class_name The class name to remove.
+	 */
+	public function remove_class( $class_name ) {
+		if ( $this->is_closing_tag ) {
+			return false;
+		}
+
+		if ( null !== $this->tag_name_starts_at ) {
+			$this->classname_updates[ $class_name ] = self::REMOVE_CLASS;
+		}
+	}
+
+	/**
+	 * Returns the string representation of the HTML Tag Processor.
+	 *
+	 * @since 6.2.0
+	 * @see get_updated_html
+	 *
+	 * @return string The processed HTML.
+	 */
+	public function __toString() {
+		return $this->get_updated_html();
+	}
+
+	/**
+	 * Returns the string representation of the HTML Tag Processor.
+	 *
+	 * @since 6.2.0
+	 *
+	 * @return string The processed HTML.
+	 */
+	public function get_updated_html() {
+		// Short-circuit if there are no new updates to apply.
+		if ( ! count( $this->classname_updates ) && ! count( $this->lexical_updates ) ) {
+			return $this->updated_html . substr( $this->html, $this->updated_bytes );
+		}
+
+		// Otherwise: apply the updates, rewind before the current tag, and parse it again.
+		$delta_between_updated_html_end_and_current_tag_end = substr(
+			$this->html,
+			$this->updated_bytes,
+			$this->tag_name_starts_at + $this->tag_name_length - $this->updated_bytes
+		);
+		$updated_html_up_to_current_tag_name_end            = $this->updated_html . $delta_between_updated_html_end_and_current_tag_end;
+
+		// 1. Apply the attributes updates to the original HTML
+		$this->class_name_updates_to_attributes_updates();
+		$this->apply_attributes_updates();
+
+		// 2. Replace the original HTML with the updated HTML
+		$this->html          = $this->updated_html . substr( $this->html, $this->updated_bytes );
+		$this->updated_html  = $updated_html_up_to_current_tag_name_end;
+		$this->updated_bytes = strlen( $this->updated_html );
+
+		// 3. Point this tag processor at the original tag opener and consume it
+
+		/*
+		 * When we get here we're at the end of the tag name, and we want to rewind to before it
+		 * <p>Previous HTML<em>More HTML</em></p>
+		 *                 ^  | back up by the length of the tag name plus the opening <
+		 *                 \<-/ back up by strlen("em") + 1 ==> 3
+		 */
+		$this->parsed_bytes = strlen( $updated_html_up_to_current_tag_name_end ) - $this->tag_name_length - 1;
+		$this->next_tag();
+
+		return $this->html;
+	}
+
+	/**
+	 * Prepares tag search criteria from input interface.
+	 *
+	 * @since 6.2.0
+	 *
+	 * @param array|string $query {
+	 *     Which tag name to find, having which class.
+	 *
+	 *     @type string|null $tag_name     Which tag to find, or `null` for "any tag."
+	 *     @type string|null $class_name   Tag must contain this class name to match.
+	 *     @type string      $tag_closers  "visit" or "skip": whether to stop on tag closers, e.g. </div>.
+	 * }
+	 */
+	private function parse_query( $query ) {
+		if ( null !== $query && $query === $this->last_query ) {
+			return;
+		}
+
+		$this->last_query          = $query;
+		$this->sought_tag_name     = null;
+		$this->sought_class_name   = null;
+		$this->sought_match_offset = 1;
+		$this->stop_on_tag_closers = false;
+
+		// A single string value means "find the tag of this name".
+		if ( is_string( $query ) ) {
+			$this->sought_tag_name = $query;
+			return;
+		}
+
+		// If not using the string interface we have to pass an associative array.
+		if ( ! is_array( $query ) ) {
+			return;
+		}
+
+		if ( isset( $query['tag_name'] ) && is_string( $query['tag_name'] ) ) {
+			$this->sought_tag_name = $query['tag_name'];
+		}
+
+		if ( isset( $query['class_name'] ) && is_string( $query['class_name'] ) ) {
+			$this->sought_class_name = $query['class_name'];
+		}
+
+		if ( isset( $query['match_offset'] ) && is_int( $query['match_offset'] ) && 0 < $query['match_offset'] ) {
+			$this->sought_match_offset = $query['match_offset'];
+		}
+
+		if ( isset( $query['tag_closers'] ) ) {
+			$this->stop_on_tag_closers = 'visit' === $query['tag_closers'];
+		}
+	}
+
+
+	/**
+	 * Checks whether a given tag and its attributes match the search criteria.
+	 *
+	 * @since 6.2.0
+	 *
+	 * @return boolean
+	 */
+	private function matches() {
+		if ( $this->is_closing_tag && ! $this->stop_on_tag_closers ) {
+			return false;
+		}
+
+		// Do we match a case-insensitive HTML tag name?
+		if ( null !== $this->sought_tag_name ) {
+			/*
+			 * String (byte) length lookup is fast. If they aren't the
+			 * same length then they can't be the same string values.
+			 */
+			if ( strlen( $this->sought_tag_name ) !== $this->tag_name_length ) {
+				return false;
+			}
+
+			/*
+			 * Otherwise we have to check for each character if they
+			 * are the same, and only `strtoupper()` if we have to.
+			 * Presuming that most people will supply lowercase tag
+			 * names and most HTML will contain lowercase tag names,
+			 * most of the time this runs we shouldn't expect to
+			 * actually run the case-folding comparison.
+			 */
+			for ( $i = 0; $i < $this->tag_name_length; $i++ ) {
+				$html_char = $this->html[ $this->tag_name_starts_at + $i ];
+				$tag_char  = $this->sought_tag_name[ $i ];
+
+				if ( $html_char !== $tag_char && strtoupper( $html_char ) !== $tag_char ) {
+					return false;
+				}
+			}
+		}
+
+		$needs_class_name = null !== $this->sought_class_name;
+
+		if ( $needs_class_name && ! isset( $this->attributes['class'] ) ) {
+			return false;
+		}
+
+		// Do we match a byte-for-byte (case-sensitive and encoding-form-sensitive) class name?
+		if ( $needs_class_name ) {
+			$class_start = $this->attributes['class']->value_starts_at;
+			$class_end   = $class_start + $this->attributes['class']->value_length;
+			$class_at    = $class_start;
+
+			/*
+			 * We're going to have to jump through potential matches here because
+			 * it's possible that we have classes containing the class name we're
+			 * looking for. For instance, if we are looking for "even" we don't
+			 * want to be confused when we come to the class "not-even." This is
+			 * secured by ensuring that we find our sought-after class and that
+			 * it's surrounded on both sides by proper boundaries.
+			 *
+			 * See https://html.spec.whatwg.org/#attributes-3
+			 * See https://html.spec.whatwg.org/#space-separated-tokens
+			 */
+			while (
+				// phpcs:ignore WordPress.CodeAnalysis.AssignmentInCondition.FoundInWhileCondition
+				false !== ( $class_at = strpos( $this->html, $this->sought_class_name, $class_at ) ) &&
+				$class_at < $class_end
+			) {
+				/*
+				 * Verify this class starts at a boundary. If it were at 0 we'd be at
+				 * the start of the string and that would be fine, otherwise we have
+				 * to start at a place where the preceding character is whitespace.
+				 */
+				if ( $class_at > $class_start ) {
+					$character = $this->html[ $class_at - 1 ];
+
+					if ( ' ' !== $character && "\t" !== $character && "\f" !== $character && "\r" !== $character && "\n" !== $character ) {
+						$class_at += strlen( $this->sought_class_name );
+						continue;
+					}
+				}
+
+				/*
+				 * Similarly, verify this class ends at a boundary as well. Here we
+				 * can end at the very end of the string value, otherwise we have
+				 * to end at a place where the next character is whitespace.
+				 */
+				if ( $class_at + strlen( $this->sought_class_name ) < $class_end ) {
+					$character = $this->html[ $class_at + strlen( $this->sought_class_name ) ];
+
+					if ( ' ' !== $character && "\t" !== $character && "\f" !== $character && "\r" !== $character && "\n" !== $character ) {
+						$class_at += strlen( $this->sought_class_name );
+						continue;
+					}
+				}
+
+				return true;
+			}
+
+			return false;
+		}
+
+		return true;
+	}
+}
+
+endif;
+
diff --git a/src/wp-includes/class-wp-html-text-replacement.php b/src/wp-includes/class-wp-html-text-replacement.php
new file mode 100644
index 0000000000000..4461df473aadd
--- /dev/null
+++ b/src/wp-includes/class-wp-html-text-replacement.php
@@ -0,0 +1,63 @@
+<?php
+/**
+ * HTML Tag Processor: Text replacement class.
+ *
+ * @package WordPress
+ * @subpackage HTML
+ * @since 6.2.0
+ */
+
+if ( ! class_exists( 'WP_HTML_Text_Replacement' ) ) :
+
+/**
+ * Data structure used to replace existing content from start to end that allows to drastically improve performance.
+ *
+ * This class is for internal usage of the WP_HTML_Tag_Processor class.
+ *
+ * @access private
+ * @since 6.2.0
+ *
+ * @see WP_HTML_Tag_Processor
+ */
+class WP_HTML_Text_Replacement {
+	/**
+	 * Byte offset into document where replacement span begins.
+	 *
+	 * @since 6.2.0
+	 * @var int
+	 */
+	public $start;
+
+	/**
+	 * Byte offset into document where replacement span ends.
+	 *
+	 * @since 6.2.0
+	 * @var int
+	 */
+	public $end;
+
+	/**
+	 * Span of text to insert in document to replace existing content from start to end.
+	 *
+	 * @since 6.2.0
+	 * @var string
+	 */
+	public $text;
+
+	/**
+	 * Constructor.
+	 *
+	 * @since 6.2.0
+	 *
+	 * @param int    $start Byte offset into document where replacement span begins.
+	 * @param int    $end   Byte offset into document where replacement span ends.
+	 * @param string $text  Span of text to insert in document to replace existing content from start to end.
+	 */
+	public function __construct( $start, $end, $text ) {
+		$this->start = $start;
+		$this->end   = $end;
+		$this->text  = $text;
+	}
+}
+
+endif;
diff --git a/src/wp-includes/wp-html.php b/src/wp-includes/wp-html.php
new file mode 100644
index 0000000000000..1806643104794
--- /dev/null
+++ b/src/wp-includes/wp-html.php
@@ -0,0 +1,34 @@
+<?php
+/**
+ * HTML parsing and modification API
+ *
+ * @since 6.2
+ *
+ * @package WordPress
+ * @subpackage HTML
+ */
+
+/*
+ * These helper classes are used by the Tag Processor for tracking
+ * content as it parses HTML documents. Using these helper classes
+ * instead of PHP arrays has a dramatic impact on performance, in
+ * terms of speed as well as memory use.
+ */
+
+/** WP_HTML_Attribute_Token class */
+require_once ABSPATH . WPINC . '/class-wp-html-attribute-token.php';
+
+/** WP_HTML_Span class */
+require_once ABSPATH . WPINC . '/class-wp-html-span.php';
+
+/** WP_HTML_Text_Replacement class */
+require_once ABSPATH . WPINC . '/class-wp-html-text-replacement.php';
+
+/*
+ * The WP_HTML_Tag_Processor is intended for linearly scanning through
+ * an HTML document, searching for HTML tags matching a given query,
+ * and adding, removing, or modifying attributes on those tags.
+ */
+
+/** WP_HTML_Tag_Processor class */
+require_once ABSPATH . WPINC . '/class-wp-html-tag-processor.php';
diff --git a/src/wp-settings.php b/src/wp-settings.php
index 3ed93b2f36629..5385a3356a8c8 100644
--- a/src/wp-settings.php
+++ b/src/wp-settings.php
@@ -234,6 +234,7 @@
 require ABSPATH . WPINC . '/class-wp-oembed-controller.php';
 require ABSPATH . WPINC . '/media.php';
 require ABSPATH . WPINC . '/http.php';
+require ABSPATH . WPINC . '/wp-html.php';
 require ABSPATH . WPINC . '/class-wp-http.php';
 require ABSPATH . WPINC . '/class-wp-http-streams.php';
 require ABSPATH . WPINC . '/class-wp-http-curl.php';
diff --git a/tests/phpunit/tests/html/wpHtmlTagProcessorBookmarks.php b/tests/phpunit/tests/html/wpHtmlTagProcessorBookmarks.php
new file mode 100644
index 0000000000000..c92d0023d16c2
--- /dev/null
+++ b/tests/phpunit/tests/html/wpHtmlTagProcessorBookmarks.php
@@ -0,0 +1,370 @@
+<?php
+/**
+ * Unit tests covering WP_HTML_Tag_Processor bookmark functionality.
+ *
+ * @package WordPress
+ * @subpackage HTML
+ */
+
+require_once ABSPATH . WPINC . '/wp-html.php';
+
+/**
+ * @group html
+ *
+ * @coversDefaultClass WP_HTML_Tag_Processor
+ */
+class WP_HTML_Tag_Processor_Bookmark_Test extends WP_UnitTestCase {
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers set_bookmark
+	 */
+	public function test_set_bookmark() {
+		$p = new WP_HTML_Tag_Processor( '<ul><li>One</li><li>Two</li><li>Three</li></ul>' );
+		$p->next_tag( 'li' );
+		$this->assertTrue( $p->set_bookmark( 'first li' ), 'Could not allocate a "first li" bookmark.' );
+		$p->next_tag( 'li' );
+		$this->assertTrue( $p->set_bookmark( 'second li' ), 'Could not allocate a "second li" bookmark.' );
+		$this->assertTrue( $p->set_bookmark( 'first li' ), 'Could not move the "first li" bookmark.' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers release_bookmark
+	 */
+	public function test_release_bookmark() {
+		$p = new WP_HTML_Tag_Processor( '<ul><li>One</li><li>Two</li><li>Three</li></ul>' );
+		$p->next_tag( 'li' );
+		$this->assertFalse( $p->release_bookmark( 'first li' ), 'Released a non-existing bookmark.' );
+		$p->set_bookmark( 'first li' );
+		$this->assertTrue( $p->release_bookmark( 'first li' ), 'Could not release a bookmark.' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers seek
+	 * @covers set_bookmark
+	 */
+	public function test_seek() {
+		$p = new WP_HTML_Tag_Processor( '<ul><li>One</li><li>Two</li><li>Three</li></ul>' );
+		$p->next_tag( 'li' );
+		$p->set_bookmark( 'first li' );
+
+		$p->next_tag( 'li' );
+		$p->set_attribute( 'foo-2', 'bar-2' );
+
+		$p->seek( 'first li' );
+		$p->set_attribute( 'foo-1', 'bar-1' );
+
+		$this->assertEquals(
+			'<ul><li foo-1="bar-1">One</li><li foo-2="bar-2">Two</li><li>Three</li></ul>',
+			$p->get_updated_html()
+		);
+	}
+
+	/**
+	 * WP_HTML_Tag_Processor used to test for the diffs affecting
+	 * the adjusted bookmark position while simultaneously adjusting
+	 * the bookmark in question. As a result, updating the bookmarks
+	 * of a next tag while removing two subsequent attributes in
+	 * a previous tag unfolded like this:
+	 *
+	 * 1. Check if the first removed attribute is before the bookmark:
+	 *
+	 * <button twenty_one_characters 7_chars></button><button></button>
+	 *         ^-------------------^                  ^
+	 *           diff applied here           the bookmark is here
+	 *
+	 *    (Yes it is)
+	 *
+	 * 2. Move the bookmark to the left by the attribute length:
+	 *
+	 * <button twenty_one_characters 7_chars></button><button></button>
+	 *                           ^
+	 *                   the bookmark is here
+	 *
+	 * 3. Check if the second removed attribute is before the bookmark:
+	 *
+	 * <button twenty_one_characters 7_chars></button><button></button>
+	 *                           ^   ^-----^
+	 *                    bookmark    diff
+	 *
+	 *    This time, it isn't!
+	 *
+	 * The fix in the WP_HTML_Tag_Processor involves doing all the checks
+	 * before moving the bookmark. This test is here to guard us from
+	 * the erroneous behavior accidentally returning one day.
+	 *
+	 * @ticket 56299
+	 *
+	 * @covers seek
+	 * @covers set_bookmark
+	 * @covers apply_attributes_updates
+	 */
+	public function test_removing_long_attributes_doesnt_break_seek() {
+		$input = <<<HTML
+		<button twenty_one_characters 7_chars></button><button></button>
+HTML;
+		$p     = new WP_HTML_Tag_Processor( $input );
+		$p->next_tag( 'button' );
+		$p->set_bookmark( 'first' );
+		$p->next_tag( 'button' );
+		$p->set_bookmark( 'second' );
+
+		$this->assertTrue(
+			$p->seek( 'first' ),
+			'Seek() to the first button has failed'
+		);
+		$p->remove_attribute( 'twenty_one_characters' );
+		$p->remove_attribute( '7_chars' );
+
+		$this->assertTrue(
+			$p->seek( 'second' ),
+			'Seek() to the second button has failed'
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers seek
+	 * @covers set_bookmark
+	 */
+	public function test_bookmarks_complex_use_case() {
+		$input           = <<<HTML
+<div selected class="merge-message" checked>
+	<div class="select-menu d-inline-block">
+		<div checked class="BtnGroup MixedCaseHTML position-relative" />
+		<div checked class="BtnGroup MixedCaseHTML position-relative">
+			<button type="button" class="merge-box-button btn-group-merge rounded-left-2 btn  BtnGroup-item js-details-target hx_create-pr-button" aria-expanded="false" data-details-container=".js-merge-pr" disabled="">
+			  Merge pull request
+			</button>
+
+			<button type="button" class="merge-box-button btn-group-squash rounded-left-2 btn  BtnGroup-item js-details-target hx_create-pr-button" aria-expanded="false" data-details-container=".js-merge-pr" disabled="">
+			  Squash and merge
+			</button>
+
+			<button type="button" class="merge-box-button btn-group-rebase rounded-left-2 btn  BtnGroup-item js-details-target hx_create-pr-button" aria-expanded="false" data-details-container=".js-merge-pr" disabled="">
+			  Rebase and merge
+			</button>
+
+			<button aria-label="Select merge method" disabled="disabled" type="button" data-view-component="true" class="select-menu-button btn BtnGroup-item"></button>
+		</div>
+	</div>
+</div>
+HTML;
+		$expected_output = <<<HTML
+<div selected class="merge-message" checked>
+	<div class="select-menu d-inline-block">
+		<div  class="BtnGroup MixedCaseHTML position-relative" />
+		<div checked class="BtnGroup MixedCaseHTML position-relative">
+			<button type="submit" class="merge-box-button btn-group-merge rounded-left-2 btn  BtnGroup-item js-details-target hx_create-pr-button" aria-expanded="false" data-details-container=".js-merge-pr" disabled="">
+			  Merge pull request
+			</button>
+
+			<button  class="hx_create-pr-button" aria-expanded="false" data-details-container=".js-merge-pr" disabled="">
+			  Squash and merge
+			</button>
+
+			<button id="rebase-and-merge"     disabled="">
+			  Rebase and merge
+			</button>
+
+			<button id="last-button"     ></button>
+		</div>
+	</div>
+</div>
+HTML;
+		$p               = new WP_HTML_Tag_Processor( $input );
+		$p->next_tag( 'div' );
+		$p->next_tag( 'div' );
+		$p->next_tag( 'div' );
+		$p->set_bookmark( 'first div' );
+		$p->next_tag( 'button' );
+		$p->set_bookmark( 'first button' );
+		$p->next_tag( 'button' );
+		$p->set_bookmark( 'second button' );
+		$p->next_tag( 'button' );
+		$p->set_bookmark( 'third button' );
+		$p->next_tag( 'button' );
+		$p->set_bookmark( 'fourth button' );
+
+		$p->seek( 'first button' );
+		$p->set_attribute( 'type', 'submit' );
+
+		$this->assertTrue(
+			$p->seek( 'third button' ),
+			'Seek() to the third button failed'
+		);
+		$p->remove_attribute( 'class' );
+		$p->remove_attribute( 'type' );
+		$p->remove_attribute( 'aria-expanded' );
+		$p->set_attribute( 'id', 'rebase-and-merge' );
+		$p->remove_attribute( 'data-details-container' );
+
+		$this->assertTrue(
+			$p->seek( 'first div' ),
+			'Seek() to the first div failed'
+		);
+		$p->set_attribute( 'checked', false );
+
+		$this->assertTrue(
+			$p->seek( 'fourth button' ),
+			'Seek() to the fourth button failed'
+		);
+		$p->set_attribute( 'id', 'last-button' );
+		$p->remove_attribute( 'class' );
+		$p->remove_attribute( 'type' );
+		$p->remove_attribute( 'checked' );
+		$p->remove_attribute( 'aria-label' );
+		$p->remove_attribute( 'disabled' );
+		$p->remove_attribute( 'data-view-component' );
+
+		$this->assertTrue(
+			$p->seek( 'second button' ),
+			'Seek() to the second button failed'
+		);
+		$p->remove_attribute( 'type' );
+		$p->set_attribute( 'class', 'hx_create-pr-button' );
+
+		$this->assertEquals(
+			$expected_output,
+			$p->get_updated_html()
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers seek
+	 * @covers set_bookmark
+	 */
+	public function test_updates_bookmark_for_additions_after_both_sides() {
+		$p = new WP_HTML_Tag_Processor( '<div>First</div><div>Second</div>' );
+		$p->next_tag();
+		$p->set_bookmark( 'first' );
+		$p->next_tag();
+		$p->add_class( 'second' );
+
+		$p->seek( 'first' );
+		$p->add_class( 'first' );
+
+		$this->assertEquals(
+			'<div class="first">First</div><div class="second">Second</div>',
+			$p->get_updated_html()
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers seek
+	 * @covers set_bookmark
+	 */
+	public function test_updates_bookmark_for_additions_before_both_sides() {
+		$p = new WP_HTML_Tag_Processor( '<div>First</div><div>Second</div>' );
+		$p->next_tag();
+		$p->set_bookmark( 'first' );
+		$p->next_tag();
+		$p->set_bookmark( 'second' );
+
+		$p->seek( 'first' );
+		$p->add_class( 'first' );
+
+		$p->seek( 'second' );
+		$p->add_class( 'second' );
+
+		$this->assertEquals(
+			'<div class="first">First</div><div class="second">Second</div>',
+			$p->get_updated_html()
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers seek
+	 * @covers set_bookmark
+	 */
+	public function test_updates_bookmark_for_deletions_after_both_sides() {
+		$p = new WP_HTML_Tag_Processor( '<div>First</div><div disabled>Second</div>' );
+		$p->next_tag();
+		$p->set_bookmark( 'first' );
+		$p->next_tag();
+		$p->remove_attribute( 'disabled' );
+
+		$p->seek( 'first' );
+		$p->set_attribute( 'untouched', true );
+
+		$this->assertEquals(
+			/** @TODO: we shouldn't have to assert the extra space after removing the attribute. */
+			'<div untouched>First</div><div >Second</div>',
+			$p->get_updated_html()
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers seek
+	 * @covers set_bookmark
+	 */
+	public function test_updates_bookmark_for_deletions_before_both_sides() {
+		$p = new WP_HTML_Tag_Processor( '<div disabled>First</div><div>Second</div>' );
+		$p->next_tag();
+		$p->set_bookmark( 'first' );
+		$p->next_tag();
+		$p->set_bookmark( 'second' );
+
+		$p->seek( 'first' );
+		$p->remove_attribute( 'disabled' );
+
+		$p->seek( 'second' );
+		$p->set_attribute( 'safe', true );
+
+		$this->assertEquals(
+			/** @TODO: we shouldn't have to assert the extra space after removing the attribute. */
+			'<div >First</div><div safe>Second</div>',
+			$p->get_updated_html()
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers set_bookmark
+	 */
+	public function test_limits_the_number_of_bookmarks() {
+		$p = new WP_HTML_Tag_Processor( '<ul><li>One</li><li>Two</li><li>Three</li></ul>' );
+		$p->next_tag( 'li' );
+
+		$this->expectException( Exception::class );
+
+		for ( $i = 0;$i < WP_HTML_Tag_Processor::MAX_BOOKMARKS;$i++ ) {
+			$this->assertTrue( $p->set_bookmark( "bookmark $i" ), "Could not allocate the bookmark #$i" );
+		}
+
+		$this->assertFalse( $p->set_bookmark( 'final bookmark' ), "Allocated $i bookmarks, which is one above the limit." );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers seek
+	 */
+	public function test_limits_the_number_of_seek_calls() {
+		$p = new WP_HTML_Tag_Processor( '<ul><li>One</li><li>Two</li><li>Three</li></ul>' );
+		$p->next_tag( 'li' );
+		$p->set_bookmark( 'bookmark' );
+
+		$this->expectException( Exception::class );
+
+		for ( $i = 0; $i < WP_HTML_Tag_Processor::MAX_SEEK_OPS; $i++ ) {
+			$this->assertTrue( $p->seek( 'bookmark' ), 'Could not seek to the "bookmark"' );
+		}
+		$this->assertFalse( $p->seek( 'bookmark' ), "$i-th seek() to the bookmark succeeded, even though it should exceed the allowed limit." );
+	}
+}
diff --git a/tests/phpunit/tests/html/wpHtmlTagProcessorTest.php b/tests/phpunit/tests/html/wpHtmlTagProcessorTest.php
new file mode 100644
index 0000000000000..92f87099362ec
--- /dev/null
+++ b/tests/phpunit/tests/html/wpHtmlTagProcessorTest.php
@@ -0,0 +1,1908 @@
+<?php
+/**
+ * Unit tests covering WP_HTML_Tag_Processor functionality.
+ *
+ * @package WordPress
+ * @subpackage HTML
+ */
+
+require_once ABSPATH . WPINC . '/wp-html.php';
+
+/**
+ * @group html
+ *
+ * @coversDefaultClass WP_HTML_Tag_Processor
+ */
+class WP_HTML_Tag_Processor_Test extends WP_UnitTestCase {
+	const HTML_SIMPLE       = '<div id="first"><span id="second">Text</span></div>';
+	const HTML_WITH_CLASSES = '<div class="main with-border" id="first"><span class="not-main bold with-border" id="second">Text</span></div>';
+	const HTML_MALFORMED    = '<div><span class="d-md-none" Notifications</span><span class="d-none d-md-inline">Back to notifications</span></div>';
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers get_tag
+	 */
+	public function test_get_tag_returns_null_before_finding_tags() {
+		$p = new WP_HTML_Tag_Processor( '<div>Test</div>' );
+		$this->assertNull( $p->get_tag() );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_tag
+	 * @covers get_tag
+	 */
+	public function test_get_tag_returns_null_when_not_in_open_tag() {
+		$p = new WP_HTML_Tag_Processor( '<div>Test</div>' );
+		$this->assertFalse( $p->next_tag( 'p' ), 'Querying a non-existing tag did not return false' );
+		$this->assertNull( $p->get_tag(), 'Accessing a non-existing tag did not return null' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_tag
+	 * @covers get_tag
+	 */
+	public function test_get_tag_returns_open_tag_name() {
+		$p = new WP_HTML_Tag_Processor( '<div>Test</div>' );
+		$this->assertTrue( $p->next_tag( 'div' ), 'Querying an existing tag did not return true' );
+		$this->assertSame( 'DIV', $p->get_tag(), 'Accessing an existing tag name did not return "div"' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers get_attribute
+	 */
+	public function test_get_attribute_returns_null_before_finding_tags() {
+		$p = new WP_HTML_Tag_Processor( '<div class="test">Test</div>' );
+		$this->assertNull( $p->get_attribute( 'class' ) );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_tag
+	 * @covers get_attribute
+	 */
+	public function test_get_attribute_returns_null_when_not_in_open_tag() {
+		$p = new WP_HTML_Tag_Processor( '<div class="test">Test</div>' );
+		$this->assertFalse( $p->next_tag( 'p' ), 'Querying a non-existing tag did not return false' );
+		$this->assertNull( $p->get_attribute( 'class' ), 'Accessing an attribute of a non-existing tag did not return null' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_tag
+	 * @covers get_attribute
+	 */
+	public function test_get_attribute_returns_null_when_in_closing_tag() {
+		$p = new WP_HTML_Tag_Processor( '<div class="test">Test</div>' );
+		$this->assertTrue( $p->next_tag( 'div' ), 'Querying an existing tag did not return true' );
+		$this->assertTrue( $p->next_tag( array( 'tag_closers' => 'visit' ) ), 'Querying an existing closing tag did not return true' );
+		$this->assertNull( $p->get_attribute( 'class' ), 'Accessing an attribute of a closing tag did not return null' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_tag
+	 * @covers get_attribute
+	 */
+	public function test_get_attribute_returns_null_when_attribute_missing() {
+		$p = new WP_HTML_Tag_Processor( '<div class="test">Test</div>' );
+		$this->assertTrue( $p->next_tag( 'div' ), 'Querying an existing tag did not return true' );
+		$this->assertNull( $p->get_attribute( 'test-id' ), 'Accessing a non-existing attribute did not return null' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_tag
+	 * @covers get_attribute
+	 */
+	public function test_get_attribute_returns_attribute_value() {
+		$p = new WP_HTML_Tag_Processor( '<div class="test">Test</div>' );
+		$this->assertTrue( $p->next_tag( 'div' ), 'Querying an existing tag did not return true' );
+		$this->assertSame( 'test', $p->get_attribute( 'class' ), 'Accessing a class="test" attribute value did not return "test"' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_tag
+	 * @covers get_attribute
+	 */
+	public function test_get_attribute_returns_true_for_boolean_attribute() {
+		$p = new WP_HTML_Tag_Processor( '<div enabled class="test">Test</div>' );
+		$this->assertTrue( $p->next_tag( array( 'class_name' => 'test' ) ), 'Querying an existing tag did not return true' );
+		$this->assertTrue( $p->get_attribute( 'enabled' ), 'Accessing a boolean "enabled" attribute value did not return true' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_tag
+	 * @covers get_attribute
+	 */
+	public function test_get_attribute_returns_string_for_truthy_attributes() {
+		$p = new WP_HTML_Tag_Processor( '<div enabled=enabled checked=1 hidden="true" class="test">Test</div>' );
+		$this->assertTrue( $p->next_tag( array() ), 'Querying an existing tag did not return true' );
+		$this->assertSame( 'enabled', $p->get_attribute( 'enabled' ), 'Accessing a boolean "enabled" attribute value did not return true' );
+		$this->assertSame( '1', $p->get_attribute( 'checked' ), 'Accessing a checked=1 attribute value did not return "1"' );
+		$this->assertSame( 'true', $p->get_attribute( 'hidden' ), 'Accessing a hidden="true" attribute value did not return "true"' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers WP_HTML_Tag_Processor::get_attribute
+	 */
+	public function test_get_attribute_decodes_html_character_references() {
+		$p = new WP_HTML_Tag_Processor( '<div id="the &quot;grande&quot; is &lt; &#x033;&#50;oz&dagger;"></div>' );
+		$p->next_tag();
+		$this->assertSame( 'the "grande" is < 32oz†', $p->get_attribute( 'id' ), 'HTML Attribute value was returned without decoding character references' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_tag
+	 * @covers get_attribute
+	 */
+	public function test_attributes_parser_treats_slash_as_attribute_separator() {
+		$p = new WP_HTML_Tag_Processor( '<div a/b/c/d/e="test">Test</div>' );
+		$this->assertTrue( $p->next_tag( array() ), 'Querying an existing tag did not return true' );
+		$this->assertTrue( $p->get_attribute( 'a' ), 'Accessing an existing attribute did not return true' );
+		$this->assertTrue( $p->get_attribute( 'b' ), 'Accessing an existing attribute did not return true' );
+		$this->assertTrue( $p->get_attribute( 'c' ), 'Accessing an existing attribute did not return true' );
+		$this->assertTrue( $p->get_attribute( 'd' ), 'Accessing an existing attribute did not return true' );
+		$this->assertSame( 'test', $p->get_attribute( 'e' ), 'Accessing an existing e="test" did not return "test"' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_tag
+	 * @covers get_attribute
+	 */
+	public function test_attributes_parser_is_case_insensitive() {
+		$p = new WP_HTML_Tag_Processor( '<div DATA-enabled="true" data-VISIBLE>Test</div>' );
+		$p->next_tag();
+		$p->get_attribute( 'data-enabled' );
+		$this->assertEquals( 'true', $p->get_attribute( 'DATA-enabled' ), 'A case-insensitive get_attribute call did not return "true".' );
+		$this->assertEquals( 'true', $p->get_attribute( 'data-enabled' ), 'A case-insensitive get_attribute call did not return "true".' );
+		$this->assertEquals( 'true', $p->get_attribute( 'DATA-ENABLED' ), 'A case-insensitive get_attribute call did not return "true".' );
+		$this->assertEquals( true, $p->get_attribute( 'data-VISIBLE' ), 'A case-insensitive get_attribute call did not return true.' );
+		$this->assertEquals( true, $p->get_attribute( 'DATA-visible' ), 'A case-insensitive get_attribute call did not return true.' );
+		$this->assertEquals( true, $p->get_attribute( 'dAtA-ViSiBlE' ), 'A case-insensitive get_attribute call did not return true.' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_tag
+	 * @covers remove_attribute
+	 */
+	public function test_remove_attribute_is_case_insensitive() {
+		$p = new WP_HTML_Tag_Processor( '<div DATA-enabled="true">Test</div>' );
+		$p->next_tag();
+		$p->remove_attribute( 'data-enabled' );
+		$this->assertEquals( '<div >Test</div>', $p->get_updated_html(), 'A case-insensitive remove_attribute call did not remove the attribute.' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_tag
+	 * @covers set_attribute
+	 */
+	public function test_set_attribute_is_case_insensitive() {
+		$p = new WP_HTML_Tag_Processor( '<div DATA-enabled="true">Test</div>' );
+		$p->next_tag();
+		$p->set_attribute( 'data-enabled', 'abc' );
+		$this->assertEquals( '<div data-enabled="abc">Test</div>', $p->get_updated_html(), 'A case-insensitive set_attribute call did not update the existing attribute.' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers get_attribute_names_with_prefix
+	 */
+	public function test_get_attribute_names_with_prefix_returns_null_before_finding_tags() {
+		$p = new WP_HTML_Tag_Processor( '<div data-foo="bar">Test</div>' );
+		$this->assertNull( $p->get_attribute_names_with_prefix( 'data-' ) );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers get_attribute_names_with_prefix
+	 */
+	public function test_get_attribute_names_with_prefix_returns_null_when_not_in_open_tag() {
+		$p = new WP_HTML_Tag_Processor( '<div data-foo="bar">Test</div>' );
+		$p->next_tag( 'p' );
+		$this->assertNull( $p->get_attribute_names_with_prefix( 'data-' ), 'Accessing attributes of a non-existing tag did not return null' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers get_attribute_names_with_prefix
+	 */
+	public function test_get_attribute_names_with_prefix_returns_null_when_in_closing_tag() {
+		$p = new WP_HTML_Tag_Processor( '<div data-foo="bar">Test</div>' );
+		$p->next_tag( 'div' );
+		$p->next_tag( array( 'tag_closers' => 'visit' ) );
+		$this->assertNull( $p->get_attribute_names_with_prefix( 'data-' ), 'Accessing attributes of a closing tag did not return null' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers get_attribute_names_with_prefix
+	 */
+	public function test_get_attribute_names_with_prefix_returns_empty_array_when_no_attributes_present() {
+		$p = new WP_HTML_Tag_Processor( '<div>Test</div>' );
+		$p->next_tag( 'div' );
+		$this->assertSame( array(), $p->get_attribute_names_with_prefix( 'data-' ), 'Accessing the attributes on a tag without any did not return an empty array' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers get_attribute_names_with_prefix
+	 */
+	public function test_get_attribute_names_with_prefix_returns_matching_attribute_names_in_lowercase() {
+		$p = new WP_HTML_Tag_Processor( '<div DATA-enabled class="test" data-test-ID="14">Test</div>' );
+		$p->next_tag();
+		$this->assertSame(
+			array( 'data-enabled', 'data-test-id' ),
+			$p->get_attribute_names_with_prefix( 'data-' )
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers set_attribute
+	 * @covers get_updated_html
+	 * @covers get_attribute_names_with_prefix
+	 */
+	public function test_get_attribute_names_with_prefix_returns_attribute_added_by_set_attribute() {
+		$p = new WP_HTML_Tag_Processor( '<div data-foo="bar">Test</div>' );
+		$p->next_tag();
+		$p->set_attribute( 'data-test-id', '14' );
+		$this->assertSame(
+			'<div data-test-id="14" data-foo="bar">Test</div>',
+			$p->get_updated_html(),
+			"Updated HTML doesn't include attribute added via set_attribute"
+		);
+		$this->assertSame(
+			array( 'data-test-id', 'data-foo' ),
+			$p->get_attribute_names_with_prefix( 'data-' ),
+			"Accessing attribute names doesn't find attribute added via set_attribute"
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers __toString
+	 */
+	public function tostring_returns_updated_html() {
+		$p = new WP_HTML_Tag_Processor( '<hr id="remove" /><div enabled class="test">Test</div><span id="span-id"></span>' );
+		$p->next_tag();
+		$p->remove_attribute( 'id' );
+
+		$p->next_tag();
+		$p->set_attribute( 'id', 'div-id-1' );
+		$p->add_class( 'new_class_1' );
+
+		$this->assertEquals(
+			$p->get_updated_html(),
+			(string) $p
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers get_updated_html
+	 */
+	public function test_get_updated_html_applies_the_updates_so_far_and_keeps_the_processor_on_the_current_tag() {
+		$p = new WP_HTML_Tag_Processor( '<hr id="remove" /><div enabled class="test">Test</div><span id="span-id"></span>' );
+		$p->next_tag();
+		$p->remove_attribute( 'id' );
+
+		$p->next_tag();
+		$p->set_attribute( 'id', 'div-id-1' );
+		$p->add_class( 'new_class_1' );
+		$this->assertSame(
+			'<hr  /><div id="div-id-1" enabled class="test new_class_1">Test</div><span id="span-id"></span>',
+			$p->get_updated_html(),
+			'Calling get_updated_html after updating the attributes of the second tag returned different HTML than expected'
+		);
+
+		$p->set_attribute( 'id', 'div-id-2' );
+		$p->add_class( 'new_class_2' );
+		$this->assertSame(
+			'<hr  /><div id="div-id-2" enabled class="test new_class_1 new_class_2">Test</div><span id="span-id"></span>',
+			$p->get_updated_html(),
+			'Calling get_updated_html after updating the attributes of the second tag for the second time returned different HTML than expected'
+		);
+
+		$p->next_tag();
+		$p->remove_attribute( 'id' );
+		$this->assertSame(
+			'<hr  /><div id="div-id-2" enabled class="test new_class_1 new_class_2">Test</div><span ></span>',
+			$p->get_updated_html(),
+			'Calling get_updated_html after removing the id attribute of the third tag returned different HTML than expected'
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers get_updated_html
+	 */
+	public function test_get_updated_html_without_updating_any_attributes_returns_the_original_html() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		$this->assertSame( self::HTML_SIMPLE, $p->get_updated_html() );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_tag
+	 */
+	public function test_next_tag_with_no_arguments_should_find_the_next_existing_tag() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		$this->assertTrue( $p->next_tag(), 'Querying an existing tag did not return true' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_tag
+	 */
+	public function test_next_tag_should_return_false_for_a_non_existing_tag() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		$this->assertFalse( $p->next_tag( 'p' ), 'Querying a non-existing tag did not return false' );
+	}
+
+	/**
+	 * @covers next_tag
+	 * @covers is_tag_closer
+	 */
+	public function test_next_tag_should_stop_on_closers_only_when_requested() {
+		$p = new WP_HTML_Tag_Processor( '<div><img /></div>' );
+		$this->assertTrue( $p->next_tag( array( 'tag_name' => 'div' ) ), 'Did not find desired tag opener' );
+		$this->assertFalse( $p->next_tag( array( 'tag_name' => 'div' ) ), 'Visited an unwanted tag, a tag closer' );
+
+		$p = new WP_HTML_Tag_Processor( '<div><img /></div>' );
+		$p->next_tag(
+			array(
+				'tag_name'    => 'div',
+				'tag_closers' => 'visit',
+			)
+		);
+		$this->assertFalse( $p->is_tag_closer(), 'Indicated a tag opener is a tag closer' );
+		$this->assertTrue(
+			$p->next_tag(
+				array(
+					'tag_name'    => 'div',
+					'tag_closers' => 'visit',
+				)
+			),
+			'Did not stop at desired tag closer'
+		);
+		$this->assertTrue( $p->is_tag_closer(), 'Indicated a tag closer is a tag opener' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_tag
+	 * @covers get_updated_html
+	 */
+	public function test_set_attribute_on_a_non_existing_tag_does_not_change_the_markup() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		$this->assertFalse( $p->next_tag( 'p' ), 'Querying a non-existing tag did not return false' );
+		$this->assertFalse( $p->next_tag( 'div' ), 'Querying a non-existing tag did not return false' );
+		$p->set_attribute( 'id', 'primary' );
+		$this->assertSame(
+			self::HTML_SIMPLE,
+			$p->get_updated_html(),
+			'Calling get_updated_html after updating a non-existing tag returned an HTML that was different from the original HTML'
+		);
+	}
+
+	public function test_attribute_ops_on_tag_closer_do_not_change_the_markup() {
+		$p = new WP_HTML_Tag_Processor( '<div id=3></div invalid-id=4>' );
+		$p->next_tag(
+			array(
+				'tag_name'    => 'div',
+				'tag_closers' => 'visit',
+			)
+		);
+		$this->assertFalse( $p->is_tag_closer(), 'Skipped tag opener' );
+		$p->next_tag(
+			array(
+				'tag_name'    => 'div',
+				'tag_closers' => 'visit',
+			)
+		);
+		$this->assertTrue( $p->is_tag_closer(), 'Skipped tag closer' );
+		$this->assertFalse( $p->set_attribute( 'id', 'test' ), "Allowed setting an attribute on a tag closer when it shouldn't have" );
+		$this->assertFalse( $p->remove_attribute( 'invalid-id' ), "Allowed removing an attribute on a tag closer when it shouldn't have" );
+		$this->assertFalse( $p->add_class( 'sneaky' ), "Allowed adding a class on a tag closer when it shouldn't have" );
+		$this->assertFalse( $p->remove_class( 'not-appearing-in-this-test' ), "Allowed removing a class on a tag closer when it shouldn't have" );
+		$this->assertSame(
+			'<div id=3></div invalid-id=4>',
+			$p->get_updated_html(),
+			'Calling get_updated_html after updating a non-existing tag returned an HTML that was different from the original HTML'
+		);
+	}
+
+	/**
+	 * Passing a double quote inside of an attribute values could lead to an XSS attack as follows:
+	 *
+	 * <code>
+	 *     $p = new WP_HTML_Tag_Processor( '<div class="header"></div>' );
+	 *     $p->next_tag();
+	 *     $p->set_attribute('class', '" onclick="alert');
+	 *     echo $p;
+	 *     // <div class="" onclick="alert"></div>
+	 * </code>
+	 *
+	 * To prevent it, `set_attribute` calls `esc_attr()` on its given values.
+	 *
+	 * <code>
+	 *    <div class="&quot; onclick=&quot;alert"></div>
+	 * </code>
+	 *
+	 * @ticket 56299
+	 *
+	 * @dataProvider data_set_attribute_escapable_values
+	 * @covers set_attribute
+	 */
+	public function test_set_attribute_prevents_xss( $attribute_value ) {
+		$p = new WP_HTML_Tag_Processor( '<div></div>' );
+		$p->next_tag();
+		$p->set_attribute( 'test', $attribute_value );
+
+		/*
+		 * Testing the escaping is hard using tools that properly parse
+		 * HTML because they might interpret the escaped values. It's hard
+		 * with tools that don't understand HTML because they might get
+		 * confused by improperly-escaped values.
+		 *
+		 * For this test, since we control the input HTML we're going to
+		 * do what looks like the opposite of what we want to be doing with
+		 * this library but are only doing so because we have full control
+		 * over the content and because we want to look at the raw values.
+		 */
+		$match = null;
+		preg_match( '~^<div test=(.*)></div>$~', $p->get_updated_html(), $match );
+		list( , $actual_value ) = $match;
+
+		$this->assertEquals( $actual_value, '"' . esc_attr( $attribute_value ) . '"' );
+	}
+
+	/**
+	 * Data provider with HTML attribute values that might need escaping.
+	 */
+	public function data_set_attribute_escapable_values() {
+		return array(
+			array( '"' ),
+			array( '&quot;' ),
+			array( '&' ),
+			array( '&amp;' ),
+			array( '&euro;' ),
+			array( "'" ),
+			array( '<>' ),
+			array( '&quot";' ),
+			array( '" onclick="alert(\'1\');"><span onclick=""></span><script>alert("1")</script>' ),
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers set_attribute
+	 * @covers get_updated_html
+	 * @covers get_attribute
+	 */
+	public function test_set_attribute_with_a_non_existing_attribute_adds_a_new_attribute_to_the_markup() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		$p->next_tag();
+		$p->set_attribute( 'test-attribute', 'test-value' );
+		$this->assertSame(
+			'<div test-attribute="test-value" id="first"><span id="second">Text</span></div>',
+			$p->get_updated_html(),
+			'Updated HTML does not include attribute added via set_attribute()'
+		);
+		$this->assertSame(
+			'test-value',
+			$p->get_attribute( 'test-attribute' ),
+			'get_attribute() (called after get_updated_html()) did not return attribute added via set_attribute()'
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers set_attribute
+	 * @covers get_updated_html
+	 * @covers get_attribute
+	 */
+	public function test_get_attribute_returns_updated_values_before_they_are_updated() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		$p->next_tag();
+		$p->set_attribute( 'test-attribute', 'test-value' );
+		$this->assertSame(
+			'test-value',
+			$p->get_attribute( 'test-attribute' ),
+			'get_attribute() (called before get_updated_html()) did not return attribute added via set_attribute()'
+		);
+		$this->assertSame(
+			'<div test-attribute="test-value" id="first"><span id="second">Text</span></div>',
+			$p->get_updated_html(),
+			'Updated HTML does not include attribute added via set_attribute()'
+		);
+	}
+
+	public function test_get_attribute_returns_updated_values_before_they_are_updated_with_different_name_casing() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		$p->next_tag();
+		$p->set_attribute( 'test-ATTribute', 'test-value' );
+		$this->assertSame(
+			'test-value',
+			$p->get_attribute( 'test-attribute' ),
+			'get_attribute() (called before get_updated_html()) did not return attribute added via set_attribute()'
+		);
+		$this->assertSame(
+			'<div test-ATTribute="test-value" id="first"><span id="second">Text</span></div>',
+			$p->get_updated_html(),
+			'Updated HTML does not include attribute added via set_attribute()'
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers add_class
+	 * @covers get_updated_html
+	 * @covers get_attribute
+	 */
+	public function test_get_attribute_reflects_added_class_names_before_they_are_updated() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		$p->next_tag();
+		$p->add_class( 'my-class' );
+		$this->assertSame(
+			'my-class',
+			$p->get_attribute( 'class' ),
+			'get_attribute() (called before get_updated_html()) did not return class name added via add_class()'
+		);
+		$this->assertSame(
+			'<div class="my-class" id="first"><span id="second">Text</span></div>',
+			$p->get_updated_html(),
+			'Updated HTML does not include class name added via add_class()'
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers add_class
+	 * @covers get_updated_html
+	 * @covers get_attribute
+	 */
+	public function test_get_attribute_reflects_added_class_names_before_they_are_updated_and_retains_classes_from_previous_add_class_calls() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		$p->next_tag();
+		$p->add_class( 'my-class' );
+		$this->assertSame(
+			'my-class',
+			$p->get_attribute( 'class' ),
+			'get_attribute() (called before get_updated_html()) did not return class name added via add_class()'
+		);
+		$p->add_class( 'my-other-class' );
+		$this->assertSame(
+			'my-class my-other-class',
+			$p->get_attribute( 'class' ),
+			'get_attribute() (called before get_updated_html()) did not return class names added via subsequent add_class() calls'
+		);
+		$this->assertSame(
+			'<div class="my-class my-other-class" id="first"><span id="second">Text</span></div>',
+			$p->get_updated_html(),
+			'Updated HTML does not include class names added via subsequent add_class() calls'
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers remove_attribute
+	 * @covers get_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_get_attribute_reflects_removed_attribute_before_it_is_updated() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		$p->next_tag();
+		$p->remove_attribute( 'id' );
+		$this->assertNull(
+			$p->get_attribute( 'id' ),
+			'get_attribute() (called before get_updated_html()) returned attribute that was removed by remove_attribute()'
+		);
+		$this->assertSame(
+			'<div ><span id="second">Text</span></div>',
+			$p->get_updated_html(),
+			'Updated HTML includes attribute that was removed by remove_attribute()'
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers set_attribute
+	 * @covers remove_attribute
+	 * @covers get_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_get_attribute_reflects_adding_and_then_removing_an_attribute_before_it_is_updated() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		$p->next_tag();
+		$p->set_attribute( 'test-attribute', 'test-value' );
+		$p->remove_attribute( 'test-attribute' );
+		$this->assertNull(
+			$p->get_attribute( 'test-attribute' ),
+			'get_attribute() (called before get_updated_html()) returned attribute that was added via set_attribute() and then removed by remove_attribute()'
+		);
+		$this->assertSame(
+			self::HTML_SIMPLE,
+			$p->get_updated_html(),
+			'Updated HTML includes attribute that was added via set_attribute() and then removed by remove_attribute()'
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers set_attribute
+	 * @covers remove_attribute
+	 * @covers get_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_get_attribute_reflects_setting_and_then_removing_an_existing_attribute_before_it_is_updated() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		$p->next_tag();
+		$p->set_attribute( 'id', 'test-value' );
+		$p->remove_attribute( 'id' );
+		$this->assertNull(
+			$p->get_attribute( 'id' ),
+			'get_attribute() (called before get_updated_html()) returned attribute that was overwritten by set_attribute() and then removed by remove_attribute()'
+		);
+		$this->assertSame(
+			'<div ><span id="second">Text</span></div>',
+			$p->get_updated_html(),
+			'Updated HTML includes attribute that was overwritten by set_attribute() and then removed by remove_attribute()'
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers remove_class
+	 * @covers get_updated_html
+	 * @covers get_attribute
+	 */
+	public function test_get_attribute_reflects_removed_class_names_before_they_are_updated() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_WITH_CLASSES );
+		$p->next_tag();
+		$p->remove_class( 'with-border' );
+		$this->assertSame(
+			'main',
+			$p->get_attribute( 'class' ),
+			'get_attribute() (called before get_updated_html()) returned the wrong attribute after calling remove_attribute()'
+		);
+		$this->assertSame(
+			'<div class="main" id="first"><span class="not-main bold with-border" id="second">Text</span></div>',
+			$p->get_updated_html(),
+			'Updated HTML includes wrong attribute after calling remove_attribute()'
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers add_class
+	 * @covers remove_class
+	 * @covers get_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_get_attribute_reflects_setting_and_then_removing_a_class_name_before_it_is_updated() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_WITH_CLASSES );
+		$p->next_tag();
+		$p->add_class( 'foo-class' );
+		$p->remove_class( 'foo-class' );
+		$this->assertSame(
+			'main with-border',
+			$p->get_attribute( 'class' ),
+			'get_attribute() (called before get_updated_html()) returned class name that was added via add_class() and then removed by remove_class()'
+		);
+		$this->assertSame(
+			self::HTML_WITH_CLASSES,
+			$p->get_updated_html(),
+			'Updated HTML includes class that was added via add_class() and then removed by remove_class()'
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers add_class
+	 * @covers remove_class
+	 * @covers get_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_get_attribute_reflects_duplicating_and_then_removing_an_existing_class_name_before_it_is_updated() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_WITH_CLASSES );
+		$p->next_tag();
+		$p->add_class( 'with-border' );
+		$p->remove_class( 'with-border' );
+		$this->assertSame(
+			'main',
+			$p->get_attribute( 'class' ),
+			'get_attribute() (called before get_updated_html()) returned class name that was duplicated via add_class() and then removed by remove_class()'
+		);
+		$this->assertSame(
+			'<div class="main" id="first"><span class="not-main bold with-border" id="second">Text</span></div>',
+			$p->get_updated_html(),
+			'Updated HTML includes class that was duplicated via add_class() and then removed by remove_class()'
+		);
+	}
+
+	/**
+	 * According to HTML spec, only the first instance of an attribute counts.
+	 * The other ones are ignored.
+	 *
+	 * @ticket 56299
+	 *
+	 * @covers set_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_update_first_when_duplicated_attribute() {
+		$p = new WP_HTML_Tag_Processor( '<div id="update-me" id="ignored-id"><span id="second">Text</span></div>' );
+		$p->next_tag();
+		$p->set_attribute( 'id', 'updated-id' );
+		$this->assertSame( '<div id="updated-id" id="ignored-id"><span id="second">Text</span></div>', $p->get_updated_html() );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers set_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_set_attribute_with_an_existing_attribute_name_updates_its_value_in_the_markup() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		$p->next_tag();
+		$p->set_attribute( 'id', 'new-id' );
+		$this->assertSame( '<div id="new-id"><span id="second">Text</span></div>', $p->get_updated_html() );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers set_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_next_tag_and_set_attribute_in_a_loop_update_all_tags_in_the_markup() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		while ( $p->next_tag() ) {
+			$p->set_attribute( 'data-foo', 'bar' );
+		}
+
+		$this->assertSame( '<div data-foo="bar" id="first"><span data-foo="bar" id="second">Text</span></div>', $p->get_updated_html() );
+	}
+
+	/**
+	 * Removing an attribute that's listed many times, e.g. `<div id="a" id="b" />` should remove
+	 * all its instances and output just `<div />`.
+	 *
+	 * Today, however, WP_HTML_Tag_Processor only removes the first such attribute. It seems like a corner case
+	 * and introducing additional complexity to correctly handle this scenario doesn't seem to be worth it.
+	 * Let's revisit if and when this becomes a problem.
+	 *
+	 * This test is in place to confirm this behavior, while incorrect, is well-defined.
+	 *
+	 * @ticket 56299
+	 *
+	 * @covers remove_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_remove_first_when_duplicated_attribute() {
+		$p = new WP_HTML_Tag_Processor( '<div id="update-me" id="ignored-id"><span id="second">Text</span></div>' );
+		$p->next_tag();
+		$p->remove_attribute( 'id' );
+		$this->assertSame( '<div  id="ignored-id"><span id="second">Text</span></div>', $p->get_updated_html() );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers remove_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_remove_attribute_with_an_existing_attribute_name_removes_it_from_the_markup() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		$p->next_tag();
+		$p->remove_attribute( 'id' );
+		$this->assertSame( '<div ><span id="second">Text</span></div>', $p->get_updated_html() );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers remove_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_remove_attribute_with_a_non_existing_attribute_name_does_not_change_the_markup() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		$p->next_tag();
+		$p->remove_attribute( 'no-such-attribute' );
+		$this->assertSame( self::HTML_SIMPLE, $p->get_updated_html() );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers add_class
+	 * @covers get_updated_html
+	 * @covers get_attribute
+	 */
+	public function test_add_class_creates_a_class_attribute_when_there_is_none() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		$p->next_tag();
+		$p->add_class( 'foo-class' );
+		$this->assertSame(
+			'<div class="foo-class" id="first"><span id="second">Text</span></div>',
+			$p->get_updated_html(),
+			'Updated HTML does not include class name added via add_class()'
+		);
+		$this->assertSame(
+			'foo-class',
+			$p->get_attribute( 'class' ),
+			"get_attribute( 'class' ) did not return class name added via add_class()"
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers add_class
+	 * @covers get_updated_html
+	 * @covers get_attribute
+	 */
+	public function test_calling_add_class_twice_creates_a_class_attribute_with_both_class_names_when_there_is_no_class_attribute() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		$p->next_tag();
+		$p->add_class( 'foo-class' );
+		$p->add_class( 'bar-class' );
+		$this->assertSame(
+			'<div class="foo-class bar-class" id="first"><span id="second">Text</span></div>',
+			$p->get_updated_html(),
+			'Updated HTML does not include class names added via subsequent add_class() calls'
+		);
+		$this->assertSame(
+			'foo-class bar-class',
+			$p->get_attribute( 'class' ),
+			"get_attribute( 'class' ) did not return class names added via subsequent add_class() calls"
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers remove_class
+	 * @covers get_updated_html
+	 * @covers get_attribute
+	 */
+	public function test_remove_class_does_not_change_the_markup_when_there_is_no_class_attribute() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		$p->next_tag();
+		$p->remove_class( 'foo-class' );
+		$this->assertSame(
+			self::HTML_SIMPLE,
+			$p->get_updated_html(),
+			'Updated HTML includes class name that was removed by remove_class()'
+		);
+		$this->assertNull(
+			$p->get_attribute( 'class' ),
+			"get_attribute( 'class' ) did not return null for class name that was removed by remove_class()"
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers add_class
+	 * @covers get_updated_html
+	 * @covers get_attribute
+	 */
+	public function test_add_class_appends_class_names_to_the_existing_class_attribute_when_one_already_exists() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_WITH_CLASSES );
+		$p->next_tag();
+		$p->add_class( 'foo-class' );
+		$p->add_class( 'bar-class' );
+		$this->assertSame(
+			'<div class="main with-border foo-class bar-class" id="first"><span class="not-main bold with-border" id="second">Text</span></div>',
+			$p->get_updated_html(),
+			'Updated HTML does not reflect class names added to existing class attribute via subsequent add_class() calls'
+		);
+		$this->assertSame(
+			'main with-border foo-class bar-class',
+			$p->get_attribute( 'class' ),
+			"get_attribute( 'class' ) does not reflect class names added to existing class attribute via subsequent add_class() calls"
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers remove_class
+	 * @covers get_updated_html
+	 * @covers get_attribute
+	 */
+	public function test_remove_class_removes_a_single_class_from_the_class_attribute_when_one_exists() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_WITH_CLASSES );
+		$p->next_tag();
+		$p->remove_class( 'main' );
+		$this->assertSame(
+			'<div class=" with-border" id="first"><span class="not-main bold with-border" id="second">Text</span></div>',
+			$p->get_updated_html(),
+			'Updated HTML does not reflect class name removed from existing class attribute via remove_class()'
+		);
+		$this->assertSame(
+			' with-border',
+			$p->get_attribute( 'class' ),
+			"get_attribute( 'class' ) does not reflect class name removed from existing class attribute via remove_class()"
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers remove_class
+	 * @covers get_updated_html
+	 * @covers get_attribute
+	 */
+	public function test_calling_remove_class_with_all_listed_class_names_removes_the_existing_class_attribute_from_the_markup() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_WITH_CLASSES );
+		$p->next_tag();
+		$p->remove_class( 'main' );
+		$p->remove_class( 'with-border' );
+		$this->assertSame(
+			'<div  id="first"><span class="not-main bold with-border" id="second">Text</span></div>',
+			$p->get_updated_html(),
+			'Updated HTML does not reflect class attribute removed via subesequent remove_class() calls'
+		);
+		$this->assertNull(
+			$p->get_attribute( 'class' ),
+			"get_attribute( 'class' ) did not return null for class attribute removed via subesequent remove_class() calls"
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers add_class
+	 * @covers get_updated_html
+	 * @covers get_attribute
+	 */
+	public function test_add_class_does_not_add_duplicate_class_names() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_WITH_CLASSES );
+		$p->next_tag();
+		$p->add_class( 'with-border' );
+		$this->assertSame(
+			'<div class="main with-border" id="first"><span class="not-main bold with-border" id="second">Text</span></div>',
+			$p->get_updated_html(),
+			'Updated HTML does not reflect deduplicated class name added via add_class()'
+		);
+		$this->assertSame(
+			'main with-border',
+			$p->get_attribute( 'class' ),
+			"get_attribute( 'class' ) does not reflect deduplicated class name added via add_class()"
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers add_class
+	 * @covers get_updated_html
+	 * @covers get_attribute
+	 */
+	public function test_add_class_preserves_class_name_order_when_a_duplicate_class_name_is_added() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_WITH_CLASSES );
+		$p->next_tag();
+		$p->add_class( 'main' );
+		$this->assertSame(
+			'<div class="main with-border" id="first"><span class="not-main bold with-border" id="second">Text</span></div>',
+			$p->get_updated_html(),
+			'Updated HTML does not reflect class name order after adding duplicated class name via add_class()'
+		);
+		$this->assertSame(
+			'main with-border',
+			$p->get_attribute( 'class' ),
+			"get_attribute( 'class' ) does not reflect class name order after adding duplicated class name added via add_class()"
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers add_class
+	 * @covers get_updated_html
+	 * @covers get_attribute
+	 */
+	public function test_add_class_when_there_is_a_class_attribute_with_excessive_whitespaces() {
+		$p = new WP_HTML_Tag_Processor(
+			'<div class="   main   with-border   " id="first"><span class="not-main bold with-border" id="second">Text</span></div>'
+		);
+		$p->next_tag();
+		$p->add_class( 'foo-class' );
+		$this->assertSame(
+			'<div class="   main   with-border foo-class" id="first"><span class="not-main bold with-border" id="second">Text</span></div>',
+			$p->get_updated_html(),
+			'Updated HTML does not reflect existing excessive whitespace after adding class name via add_class()'
+		);
+		$this->assertSame(
+			'   main   with-border foo-class',
+			$p->get_attribute( 'class' ),
+			"get_attribute( 'class' ) does not reflect existing excessive whitespace after adding class name via add_class()"
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers remove_class
+	 * @covers get_updated_html
+	 * @covers get_attribute
+	 */
+	public function test_remove_class_preserves_whitespaces_when_there_is_a_class_attribute_with_excessive_whitespaces() {
+		$p = new WP_HTML_Tag_Processor(
+			'<div class="   main   with-border   " id="first"><span class="not-main bold with-border" id="second">Text</span></div>'
+		);
+		$p->next_tag();
+		$p->remove_class( 'with-border' );
+		$this->assertSame(
+			'<div class="   main" id="first"><span class="not-main bold with-border" id="second">Text</span></div>',
+			$p->get_updated_html(),
+			'Updated HTML does not reflect existing excessive whitespace after removing class name via remove_class()'
+		);
+		$this->assertSame(
+			'   main',
+			$p->get_attribute( 'class' ),
+			"get_attribute( 'class' ) does not reflect existing excessive whitespace after removing class name via removing_class()"
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers remove_class
+	 * @covers get_updated_html
+	 * @covers get_attribute
+	 */
+	public function test_removing_all_classes_removes_the_existing_class_attribute_from_the_markup_even_when_excessive_whitespaces_are_present() {
+		$p = new WP_HTML_Tag_Processor(
+			'<div class="   main   with-border   " id="first"><span class="not-main bold with-border" id="second">Text</span></div>'
+		);
+		$p->next_tag();
+		$p->remove_class( 'main' );
+		$p->remove_class( 'with-border' );
+		$this->assertSame(
+			'<div  id="first"><span class="not-main bold with-border" id="second">Text</span></div>',
+			$p->get_updated_html(),
+			'Updated HTML does not reflect removed class attribute after removing all class names via remove_class()'
+		);
+		$this->assertNull(
+			$p->get_attribute( 'class' ),
+			"get_attribute( 'class' ) did not return null after removing all class names via remove_class()"
+		);
+	}
+
+	/**
+	 * When add_class( $different_value ) is called _after_ set_attribute( 'class', $value ), the
+	 * final class name should be "$value $different_value". In other words, the `add_class` call
+	 * should append its class to the one(s) set by `set_attribute`. When `add_class( $different_value )`
+	 * is called _before_ `set_attribute( 'class', $value )`, however, the final class name should be
+	 * "$value" instead, as any direct updates to the `class` attribute supersede any changes enqueued
+	 * via the class builder methods.
+	 *
+	 * @ticket 56299
+	 *
+	 * @covers add_class
+	 * @covers set_attribute
+	 * @covers get_updated_html
+	 * @covers get_attribute
+	 */
+	public function test_set_attribute_takes_priority_over_add_class() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_WITH_CLASSES );
+		$p->next_tag();
+		$p->add_class( 'add_class' );
+		$p->set_attribute( 'class', 'set_attribute' );
+		$this->assertSame(
+			'<div class="set_attribute" id="first"><span class="not-main bold with-border" id="second">Text</span></div>',
+			$p->get_updated_html(),
+			"Calling get_updated_html after updating first tag's attributes did not return the expected HTML"
+		);
+		$this->assertSame(
+			'set_attribute',
+			$p->get_attribute( 'class' ),
+			"Calling get_attribute after updating first tag's attributes did not return the expected class name"
+		);
+
+		$p = new WP_HTML_Tag_Processor( self::HTML_WITH_CLASSES );
+		$p->next_tag();
+		$p->set_attribute( 'class', 'set_attribute' );
+		$p->add_class( 'add_class' );
+		$this->assertSame(
+			'<div class="set_attribute add_class" id="first"><span class="not-main bold with-border" id="second">Text</span></div>',
+			$p->get_updated_html(),
+			"Calling get_updated_html after updating first tag's attributes did not return the expected HTML"
+		);
+		$this->assertSame(
+			'set_attribute add_class',
+			$p->get_attribute( 'class' ),
+			"Calling get_attribute after updating first tag's attributes did not return the expected class name"
+		);
+	}
+
+	/**
+	 * When add_class( $different_value ) is called _after_ set_attribute( 'class', $value ), the
+	 * final class name should be "$value $different_value". In other words, the `add_class` call
+	 * should append its class to the one(s) set by `set_attribute`. When `add_class( $different_value )`
+	 * is called _before_ `set_attribute( 'class', $value )`, however, the final class name should be
+	 * "$value" instead, as any direct updates to the `class` attribute supersede any changes enqueued
+	 * via the class builder methods.
+	 *
+	 * This is still true if we read enqueued updates before calling `get_updated_html()`.
+	 *
+	 * @ticket 56299
+	 *
+	 * @covers add_class
+	 * @covers set_attribute
+	 * @covers get_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_set_attribute_takes_priority_over_add_class_even_before_updating() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_WITH_CLASSES );
+		$p->next_tag();
+		$p->add_class( 'add_class' );
+		$p->set_attribute( 'class', 'set_attribute' );
+		$this->assertSame(
+			'set_attribute',
+			$p->get_attribute( 'class' ),
+			"Calling get_attribute after updating first tag's attributes did not return the expected class name"
+		);
+		$this->assertSame(
+			'<div class="set_attribute" id="first"><span class="not-main bold with-border" id="second">Text</span></div>',
+			$p->get_updated_html(),
+			"Calling get_updated_html after updating first tag's attributes did not return the expected HTML"
+		);
+
+		$p = new WP_HTML_Tag_Processor( self::HTML_WITH_CLASSES );
+		$p->next_tag();
+		$p->set_attribute( 'class', 'set_attribute' );
+		$p->add_class( 'add_class' );
+		$this->assertSame(
+			'set_attribute add_class',
+			$p->get_attribute( 'class' ),
+			"Calling get_attribute after updating first tag's attributes did not return the expected class name"
+		);
+		$this->assertSame(
+			'<div class="set_attribute add_class" id="first"><span class="not-main bold with-border" id="second">Text</span></div>',
+			$p->get_updated_html(),
+			"Calling get_updated_html after updating first tag's attributes did not return the expected HTML"
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers set_attribute
+	 * @covers add_class
+	 * @covers get_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_add_class_overrides_boolean_class_attribute() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		$p->next_tag();
+		$p->set_attribute( 'class', true );
+		$p->add_class( 'add_class' );
+		$this->assertSame(
+			'<div class="add_class" id="first"><span id="second">Text</span></div>',
+			$p->get_updated_html(),
+			"Updated HTML doesn't reflect class added via add_class that was originally set as boolean attribute"
+		);
+		$this->assertSame(
+			'add_class',
+			$p->get_attribute( 'class' ),
+			"get_attribute (called after get_updated_html()) doesn't reflect class added via add_class that was originally set as boolean attribute"
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers set_attribute
+	 * @covers add_class
+	 * @covers get_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_add_class_overrides_boolean_class_attribute_even_before_updating() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_SIMPLE );
+		$p->next_tag();
+		$p->set_attribute( 'class', true );
+		$p->add_class( 'add_class' );
+		$this->assertSame(
+			'add_class',
+			$p->get_attribute( 'class' ),
+			"get_attribute (called before get_updated_html()) doesn't reflect class added via add_class that was originally set as boolean attribute"
+		);
+		$this->assertSame(
+			'<div class="add_class" id="first"><span id="second">Text</span></div>',
+			$p->get_updated_html(),
+			"Updated HTML doesn't reflect class added via add_class that was originally set as boolean attribute"
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers set_attribute
+	 * @covers remove_attribute
+	 * @covers add_class
+	 * @covers remove_class
+	 * @covers get_updated_html
+	 */
+	public function test_advanced_use_case() {
+		$input = <<<HTML
+<div selected class="merge-message" checked>
+	<div class="select-menu d-inline-block">
+		<div checked class="BtnGroup MixedCaseHTML position-relative" />
+		<div checked class="BtnGroup MixedCaseHTML position-relative">
+			<button type="button" class="merge-box-button btn-group-merge rounded-left-2 btn  BtnGroup-item js-details-target hx_create-pr-button" aria-expanded="false" data-details-container=".js-merge-pr" disabled="">
+			  Merge pull request
+			</button>
+
+			<button type="button" class="merge-box-button btn-group-squash rounded-left-2 btn  BtnGroup-item js-details-target hx_create-pr-button" aria-expanded="false" data-details-container=".js-merge-pr" disabled="">
+			  Squash and merge
+			</button>
+
+			<button type="button" class="merge-box-button btn-group-rebase rounded-left-2 btn  BtnGroup-item js-details-target hx_create-pr-button" aria-expanded="false" data-details-container=".js-merge-pr" disabled="">
+			  Rebase and merge
+			</button>
+
+			<button aria-label="Select merge method" disabled="disabled" type="button" data-view-component="true" class="select-menu-button btn BtnGroup-item"></button>
+		</div>
+	</div>
+</div>
+HTML;
+
+		$expected_output = <<<HTML
+<div data-details="{ &quot;key&quot;: &quot;value&quot; }" selected class="merge-message is-processed" checked>
+	<div class="select-menu d-inline-block">
+		<div checked class=" MixedCaseHTML position-relative button-group Another-Mixed-Case" />
+		<div checked class=" MixedCaseHTML position-relative button-group Another-Mixed-Case">
+			<button type="button" class="merge-box-button btn-group-merge rounded-left-2 btn  BtnGroup-item js-details-target hx_create-pr-button" aria-expanded="false" data-details-container=".js-merge-pr" disabled="">
+			  Merge pull request
+			</button>
+
+			<button type="button" class="merge-box-button btn-group-squash rounded-left-2 btn  BtnGroup-item js-details-target hx_create-pr-button" aria-expanded="false" data-details-container=".js-merge-pr" disabled="">
+			  Squash and merge
+			</button>
+
+			<button type="button"  aria-expanded="false" data-details-container=".js-merge-pr" disabled="">
+			  Rebase and merge
+			</button>
+
+			<button aria-label="Select merge method" disabled="disabled" type="button" data-view-component="true" class="select-menu-button btn BtnGroup-item"></button>
+		</div>
+	</div>
+</div>
+HTML;
+
+		$p = new WP_HTML_Tag_Processor( $input );
+		$this->assertTrue( $p->next_tag( 'div' ), 'Querying an existing tag did not return true' );
+		$p->set_attribute( 'data-details', '{ "key": "value" }' );
+		$p->add_class( 'is-processed' );
+		$this->assertTrue(
+			$p->next_tag(
+				array(
+					'tag_name'   => 'div',
+					'class_name' => 'BtnGroup',
+				)
+			),
+			'Querying an existing tag did not return true'
+		);
+		$p->remove_class( 'BtnGroup' );
+		$p->add_class( 'button-group' );
+		$p->add_class( 'Another-Mixed-Case' );
+		$this->assertTrue(
+			$p->next_tag(
+				array(
+					'tag_name'   => 'div',
+					'class_name' => 'BtnGroup',
+				)
+			),
+			'Querying an existing tag did not return true'
+		);
+		$p->remove_class( 'BtnGroup' );
+		$p->add_class( 'button-group' );
+		$p->add_class( 'Another-Mixed-Case' );
+		$this->assertTrue(
+			$p->next_tag(
+				array(
+					'tag_name'     => 'button',
+					'class_name'   => 'btn',
+					'match_offset' => 3,
+				)
+			),
+			'Querying an existing tag did not return true'
+		);
+		$p->remove_attribute( 'class' );
+		$this->assertFalse( $p->next_tag( 'non-existent' ), 'Querying a non-existing tag did not return false' );
+		$p->set_attribute( 'class', 'test' );
+		$this->assertSame( $expected_output, $p->get_updated_html(), 'Calling get_updated_html after updating the attributes did not return the expected HTML' );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers remove_attribute
+	 * @covers set_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_correctly_parses_html_attributes_wrapped_in_single_quotation_marks() {
+		$p = new WP_HTML_Tag_Processor(
+			'<div id=\'first\'><span id=\'second\'>Text</span></div>'
+		);
+		$p->next_tag(
+			array(
+				'tag_name' => 'div',
+				'id'       => 'first',
+			)
+		);
+		$p->remove_attribute( 'id' );
+		$p->next_tag(
+			array(
+				'tag_name' => 'span',
+				'id'       => 'second',
+			)
+		);
+		$p->set_attribute( 'id', 'single-quote' );
+		$this->assertSame(
+			'<div ><span id="single-quote">Text</span></div>',
+			$p->get_updated_html()
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers set_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_set_attribute_with_value_equals_to_true_adds_a_boolean_html_attribute_with_implicit_value() {
+		$p = new WP_HTML_Tag_Processor(
+			'<form action="/action_page.php"><input type="checkbox" name="vehicle" value="Bike"><label for="vehicle">I have a bike</label></form>'
+		);
+		$p->next_tag( 'input' );
+		$p->set_attribute( 'checked', true );
+		$this->assertSame(
+			'<form action="/action_page.php"><input checked type="checkbox" name="vehicle" value="Bike"><label for="vehicle">I have a bike</label></form>',
+			$p->get_updated_html()
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers set_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_setting_a_boolean_attribute_to_false_removes_it_from_the_markup() {
+		$p = new WP_HTML_Tag_Processor(
+			'<form action="/action_page.php"><input checked type="checkbox" name="vehicle" value="Bike"><label for="vehicle">I have a bike</label></form>'
+		);
+		$p->next_tag( 'input' );
+		$p->set_attribute( 'checked', false );
+		$this->assertSame(
+			'<form action="/action_page.php"><input  type="checkbox" name="vehicle" value="Bike"><label for="vehicle">I have a bike</label></form>',
+			$p->get_updated_html()
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers set_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_setting_a_missing_attribute_to_false_does_not_change_the_markup() {
+		$html_input = '<form action="/action_page.php"><input type="checkbox" name="vehicle" value="Bike"><label for="vehicle">I have a bike</label></form>';
+		$p          = new WP_HTML_Tag_Processor( $html_input );
+		$p->next_tag( 'input' );
+		$p->set_attribute( 'checked', false );
+		$this->assertSame( $html_input, $p->get_updated_html() );
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers set_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_setting_a_boolean_attribute_to_a_string_value_adds_explicit_value_to_the_markup() {
+		$p = new WP_HTML_Tag_Processor(
+			'<form action="/action_page.php"><input checked type="checkbox" name="vehicle" value="Bike"><label for="vehicle">I have a bike</label></form>'
+		);
+		$p->next_tag( 'input' );
+		$p->set_attribute( 'checked', 'checked' );
+		$this->assertSame(
+			'<form action="/action_page.php"><input checked="checked" type="checkbox" name="vehicle" value="Bike"><label for="vehicle">I have a bike</label></form>',
+			$p->get_updated_html()
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers get_tag
+	 * @covers next_tag
+	 */
+	public function test_unclosed_script_tag_should_not_cause_an_infinite_loop() {
+		$p = new WP_HTML_Tag_Processor( '<script>' );
+		$p->next_tag();
+		$this->assertSame( 'SCRIPT', $p->get_tag() );
+		$p->next_tag();
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_tag
+	 *
+	 * @dataProvider data_script_state
+	 */
+	public function test_next_tag_ignores_the_contents_of_a_script_tag( $script_then_div ) {
+		$p = new WP_HTML_Tag_Processor( $script_then_div );
+		$p->next_tag();
+		$this->assertSame( 'SCRIPT', $p->get_tag(), 'The first found tag was not "script"' );
+		$p->next_tag();
+		$this->assertSame( 'DIV', $p->get_tag(), 'The second found tag was not "div"' );
+	}
+
+	/**
+	 * Data provider for test_ignores_contents_of_a_script_tag().
+	 *
+	 * @return array {
+	 *     @type array {
+	 *         @type string $script_then_div The HTML snippet containing script and div tags.
+	 *     }
+	 * }
+	 */
+	public function data_script_state() {
+		$examples = array();
+
+		$examples['Simple script tag'] = array(
+			'<script><span class="d-none d-md-inline">Back to notifications</span></script><div></div>',
+		);
+
+		$examples['Simple uppercase script tag'] = array(
+			'<script><span class="d-none d-md-inline">Back to notifications</span></SCRIPT><div></div>',
+		);
+
+		$examples['Script with a comment opener inside should end at the next script tag closer (dash dash escaped state)'] = array(
+			'<script class="d-md-none"><!--</script><div></div>-->',
+		);
+
+		$examples['Script with a comment opener and a script tag opener inside should end two script tag closer later (double escaped state)'] = array(
+			'<script class="d-md-none"><!--<script><span1></script><span2></span2></script><div></div>-->',
+		);
+
+		$examples['Double escaped script with a tricky opener'] = array(
+			'<script class="d-md-none"><!--<script attr="</script>"></script>"><div></div>',
+		);
+
+		$examples['Double escaped script with a tricky closer'] = array(
+			'<script class="d-md-none"><!--<script><span></script attr="</script>"><div></div>',
+		);
+
+		$examples['Double escaped, then escaped, then double escaped'] = array(
+			'<script class="d-md-none"><!--<script></script><script></script><span></span></script><div></div>',
+		);
+
+		$examples['Script with a commented a script tag opener inside should at the next tag closer (dash dash escaped state)'] = array(
+			'<script class="d-md-none"><!--<script>--><span></script><div></div>-->',
+		);
+
+		$examples['Script closer with another script tag in closer attributes'] = array(
+			'<script><span class="d-none d-md-inline">Back to notifications</title</span></script <script><div></div>',
+		);
+
+		$examples['Script closer with attributes'] = array(
+			'<script class="d-md-none"><span class="d-none d-md-inline">Back to notifications</span></script id="test"><div></div>',
+		);
+
+		$examples['Script opener with title closer inside'] = array(
+			'<script class="d-md-none"></title></script><div></div>',
+		);
+
+		$examples['Complex script with many parsing states'] = array(
+			'<script class="d-md-none"><!--<script>--><scRipt><span><!--<span><Script</script>--></scripT><div></div>-->',
+		);
+		return $examples;
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_tag
+	 *
+	 * @dataProvider data_rcdata_state
+	 */
+	public function test_next_tag_ignores_the_contents_of_a_rcdata_tag( $rcdata_then_div, $rcdata_tag ) {
+		$p = new WP_HTML_Tag_Processor( $rcdata_then_div );
+		$p->next_tag();
+		$this->assertSame( strtoupper( $rcdata_tag ), $p->get_tag(), "The first found tag was not '$rcdata_tag'" );
+		$p->next_tag();
+		$this->assertSame( 'DIV', $p->get_tag(), "The second found tag was not 'div'" );
+	}
+
+	/**
+	 * Data provider for test_ignores_contents_of_a_rcdata_tag().
+	 *
+	 * @return array {
+	 *     @type array {
+	 *         @type string $rcdata_then_div The HTML snippet containing RCDATA and div tags.
+	 *         @type string $rcdata_tag      The RCDATA tag.
+	 *     }
+	 * }
+	 */
+	public function data_rcdata_state() {
+		$examples                    = array();
+		$examples['Simple textarea'] = array(
+			'<textarea><span class="d-none d-md-inline">Back to notifications</span></textarea><div></div>',
+			'TEXTAREA',
+		);
+
+		$examples['Simple title'] = array(
+			'<title><span class="d-none d-md-inline">Back to notifications</title</span></title><div></div>',
+			'TITLE',
+		);
+
+		$examples['Comment opener inside a textarea tag should be ignored'] = array(
+			'<textarea class="d-md-none"><!--</textarea><div></div>-->',
+			'TEXTAREA',
+		);
+
+		$examples['Textarea closer with another textarea tag in closer attributes'] = array(
+			'<textarea><span class="d-none d-md-inline">Back to notifications</title</span></textarea <textarea><div></div>',
+			'TEXTAREA',
+		);
+
+		$examples['Textarea closer with attributes'] = array(
+			'<textarea class="d-md-none"><span class="d-none d-md-inline">Back to notifications</span></textarea id="test"><div></div>',
+			'TEXTAREA',
+		);
+
+		$examples['Textarea opener with title closer inside'] = array(
+			'<textarea class="d-md-none"></title></textarea><div></div>',
+			'TEXTAREA',
+		);
+		return $examples;
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_tag
+	 * @covers set_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_can_query_and_update_wrongly_nested_tags() {
+		$p = new WP_HTML_Tag_Processor(
+			'<span>123<p>456</span>789</p>'
+		);
+		$p->next_tag( 'span' );
+		$p->set_attribute( 'class', 'span-class' );
+		$p->next_tag( 'p' );
+		$p->set_attribute( 'class', 'p-class' );
+		$this->assertSame(
+			'<span class="span-class">123<p class="p-class">456</span>789</p>',
+			$p->get_updated_html()
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_tag
+	 * @covers remove_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_removing_attributes_works_even_in_malformed_html() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_MALFORMED );
+		$p->next_tag( 'span' );
+		$p->remove_attribute( 'Notifications<' );
+		$this->assertSame(
+			'<div><span class="d-md-none" /span><span class="d-none d-md-inline">Back to notifications</span></div>',
+			$p->get_updated_html()
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_Tag
+	 * @covers set_attribute
+	 * @covers get_updated_html
+	 */
+	public function test_updating_attributes_works_even_in_malformed_html_1() {
+		$p = new WP_HTML_Tag_Processor( self::HTML_MALFORMED );
+		$p->next_tag( 'span' );
+		$p->set_attribute( 'id', 'first' );
+		$p->next_tag( 'span' );
+		$p->set_attribute( 'id', 'second' );
+		$this->assertSame(
+			'<div><span id="first" class="d-md-none" Notifications</span><span id="second" class="d-none d-md-inline">Back to notifications</span></div>',
+			$p->get_updated_html()
+		);
+	}
+
+	/**
+	 * @ticket 56299
+	 *
+	 * @covers next_tag
+	 * @covers set_attribute
+	 * @covers add_class
+	 * @covers get_updated_html
+	 *
+	 * @dataProvider data_malformed_tag
+	 */
+	public function test_updating_attributes_works_even_in_malformed_html_2( $html_input, $html_expected ) {
+		$p = new WP_HTML_Tag_Processor( $html_input );
+		$p->next_tag();
+		$p->set_attribute( 'foo', 'bar' );
+		$p->add_class( 'firstTag' );
+		$p->next_tag();
+		$p->add_class( 'secondTag' );
+		$this->assertSame(
+			$html_expected,
+			$p->get_updated_html()
+		);
+	}
+
+	/**
+	 * Data provider for test_updates_when_malformed_tag().
+	 *
+	 * @return array {
+	 *     @type array {
+	 *         @type string $html_input    The input HTML snippet.
+	 *         @type string $html_expected The expected HTML snippet after processing.
+	 *     }
+	 * }
+	 */
+	public function data_malformed_tag() {
+		$null_byte = chr( 0 );
+		$examples  = array();
+		$examples['Invalid entity inside attribute value'] = array(
+			'<img src="https://s0.wp.com/i/atat.png" title="&; First &lt;title&gt; is &notit;" TITLE="second title" title="An Imperial &imperial; AT-AT"><span>test</span>',
+			'<img class="firstTag" foo="bar" src="https://s0.wp.com/i/atat.png" title="&; First &lt;title&gt; is &notit;" TITLE="second title" title="An Imperial &imperial; AT-AT"><span class="secondTag">test</span>',
+		);
+
+		$examples['HTML tag opening inside attribute value'] = array(
+			'<pre id="<code" class="wp-block-code <code is poetry&gt;"><code>This &lt;is> a &lt;strong is="true">thing.</code></pre><span>test</span>',
+			'<pre foo="bar" id="<code" class="wp-block-code &lt;code is poetry&gt; firstTag"><code class="secondTag">This &lt;is> a &lt;strong is="true">thing.</code></pre><span>test</span>',
+		);
+
+		$examples['HTML tag brackets in attribute values and data markup'] = array(
+			'<pre id="<code-&gt;-block-&gt;" class="wp-block-code <code is poetry&gt;"><code>This &lt;is> a &lt;strong is="true">thing.</code></pre><span>test</span>',
+			'<pre foo="bar" id="<code-&gt;-block-&gt;" class="wp-block-code &lt;code is poetry&gt; firstTag"><code class="secondTag">This &lt;is> a &lt;strong is="true">thing.</code></pre><span>test</span>',
+		);
+
+		$examples['Single and double quotes in attribute value'] = array(
+			'<p title="Demonstrating how to use single quote (\') and double quote (&quot;)"><span>test</span>',
+			'<p class="firstTag" foo="bar" title="Demonstrating how to use single quote (\') and double quote (&quot;)"><span class="secondTag">test</span>',
+		);
+
+		$examples['Unquoted attribute values'] = array(
+			'<hr a=1 a=2 a=3 a=5 /><span>test</span>',
+			'<hr class="firstTag" foo="bar" a=1 a=2 a=3 a=5 /><span class="secondTag">test</span>',
+		);
+
+		$examples['Double-quotes escaped in double-quote attribute value'] = array(
+			'<hr title="This is a &quot;double-quote&quot;"><span>test</span>',
+			'<hr class="firstTag" foo="bar" title="This is a &quot;double-quote&quot;"><span class="secondTag">test</span>',
+		);
+
+		$examples['Unquoted attribute value'] = array(
+			'<hr id=code><span>test</span>',
+			'<hr class="firstTag" foo="bar" id=code><span class="secondTag">test</span>',
+		);
+
+		$examples['Unquoted attribute value with tag-like value'] = array(
+			'<hr id= 	<code> ><span>test</span>',
+			'<hr class="firstTag" foo="bar" id= 	<code> ><span class="secondTag">test</span>',
+		);
+
+		$examples['Unquoted attribute value with tag-like value followed by tag-like data'] = array(
+			'<hr id=code>><span>test</span>',
+			'<hr class="firstTag" foo="bar" id=code>><span class="secondTag">test</span>',
+		);
+
+		$examples['1'] = array(
+			'<hr id=&quo;code><span>test</span>',
+			'<hr class="firstTag" foo="bar" id=&quo;code><span class="secondTag">test</span>',
+		);
+
+		$examples['2'] = array(
+			'<hr id/test=5><span>test</span>',
+			'<hr class="firstTag" foo="bar" id/test=5><span class="secondTag">test</span>',
+		);
+
+		$examples['4'] = array(
+			'<hr title="<hr>"><span>test</span>',
+			'<hr class="firstTag" foo="bar" title="<hr>"><span class="secondTag">test</span>',
+		);
+
+		$examples['5'] = array(
+			'<hr id=>code><span>test</span>',
+			'<hr class="firstTag" foo="bar" id=>code><span class="secondTag">test</span>',
+		);
+
+		$examples['6'] = array(
+			'<hr id"quo="test"><span>test</span>',
+			'<hr class="firstTag" foo="bar" id"quo="test"><span class="secondTag">test</span>',
+		);
+
+		$examples['7'] = array(
+			'<hr id' . $null_byte . 'zero="test"><span>test</span>',
+			'<hr class="firstTag" foo="bar" id' . $null_byte . 'zero="test"><span class="secondTag">test</span>',
+		);
+
+		$examples['8'] = array(
+			'<hr >id="test"><span>test</span>',
+			'<hr class="firstTag" foo="bar" >id="test"><span class="secondTag">test</span>',
+		);
+
+		$examples['9'] = array(
+			'<hr =id="test"><span>test</span>',
+			'<hr class="firstTag" foo="bar" =id="test"><span class="secondTag">test</span>',
+		);
+
+		$examples['10'] = array(
+			'</><span>test</span>',
+			'</><span class="firstTag" foo="bar">test</span>',
+		);
+
+		$examples['11'] = array(
+			'The applicative operator <* works well in Haskell; <data-tag> is what?<span>test</span>',
+			'The applicative operator <* works well in Haskell; <data-tag class="firstTag" foo="bar"> is what?<span class="secondTag">test</span>',
+		);
+
+		$examples['12'] = array(
+			'<3 is a heart but <t3> is a tag.<span>test</span>',
+			'<3 is a heart but <t3 class="firstTag" foo="bar"> is a tag.<span class="secondTag">test</span>',
+		);
+
+		$examples['13'] = array(
+			'<?comment --><span>test</span>',
+			'<?comment --><span class="firstTag" foo="bar">test</span>',
+		);
+
+		$examples['14'] = array(
+			'<!-- this is a comment. no <strong>tags</strong> allowed --><span>test</span>',
+			'<!-- this is a comment. no <strong>tags</strong> allowed --><span class="firstTag" foo="bar">test</span>',
+		);
+
+		$examples['15'] = array(
+			'<![CDATA[This <is> a <strong id="yes">HTML Tag</strong>]]><span>test</span>',
+			'<![CDATA[This <is> a <strong id="yes">HTML Tag</strong>]]><span class="firstTag" foo="bar">test</span>',
+		);
+
+		$examples['16'] = array(
+			'<hr ===name="value"><span>test</span>',
+			'<hr class="firstTag" foo="bar" ===name="value"><span class="secondTag">test</span>',
+		);
+
+		$examples['17'] = array(
+			'<hr asdf="test"><span>test</span>',
+			'<hr class="firstTag" foo="bar" asdf="test"><span class="secondTag">test</span>',
+		);
+
+		$examples['18'] = array(
+			'<hr =asdf="tes"><span>test</span>',
+			'<hr class="firstTag" foo="bar" =asdf="tes"><span class="secondTag">test</span>',
+		);
+
+		$examples['19'] = array(
+			'<hr ==="test"><span>test</span>',
+			'<hr class="firstTag" foo="bar" ==="test"><span class="secondTag">test</span>',
+		);
+
+		$examples['20'] = array(
+			'<hr =><span>test</span>',
+			'<hr class="firstTag" foo="bar" =><span class="secondTag">test</span>',
+		);
+
+		$examples['21'] = array(
+			'<hr =5><span>test</span>',
+			'<hr class="firstTag" foo="bar" =5><span class="secondTag">test</span>',
+		);
+
+		$examples['22'] = array(
+			'<hr ==><span>test</span>',
+			'<hr class="firstTag" foo="bar" ==><span class="secondTag">test</span>',
+		);
+
+		$examples['23'] = array(
+			'<hr ===><span>test</span>',
+			'<hr class="firstTag" foo="bar" ===><span class="secondTag">test</span>',
+		);
+
+		$examples['24'] = array(
+			'<hr disabled><span>test</span>',
+			'<hr class="firstTag" foo="bar" disabled><span class="secondTag">test</span>',
+		);
+
+		$examples['25'] = array(
+			'<hr a"sdf="test"><span>test</span>',
+			'<hr class="firstTag" foo="bar" a"sdf="test"><span class="secondTag">test</span>',
+		);
+
+		$examples['Multiple unclosed tags treated as a single tag'] = array(
+			<<<HTML
+			<hr id=">"code
+			<hr id="value>"code
+			<hr id="/>"code
+			<hr id="value/>"code
+			/>
+			<span>test</span>
+HTML
+			,
+			<<<HTML
+			<hr class="firstTag" foo="bar" id=">"code
+			<hr id="value>"code
+			<hr id="/>"code
+			<hr id="value/>"code
+			/>
+			<span class="secondTag">test</span>
+HTML
+		,
+		);
+
+		$examples['27'] = array(
+			'<hr id   =5><span>test</span>',
+			'<hr class="firstTag" foo="bar" id   =5><span class="secondTag">test</span>',
+		);
+
+		$examples['28'] = array(
+			'<hr id a  =5><span>test</span>',
+			'<hr class="firstTag" foo="bar" id a  =5><span class="secondTag">test</span>',
+		);
+
+		return $examples;
+	}
+}