HTML API: Preserve XMP raw text serialization

[sirreal]

Summary

Preserves XMP contents literally when serializing with WP_HTML_Processor::serialize_token().

Root cause

XMP is parsed as raw text, but serialization was sending its contents through the ordinary text escaping path. That turned characters such as < into <, and because character references are not decoded inside XMP raw text, serializing and re-parsing changed the document contents.

Behavioral impact

XMP contents now serialize like other literal raw-text contents. Parser-derived XMP text is safe to emit literally here because it came from the tokenizer's raw-text state: character references were not decoded, NUL bytes are already represented as U+FFFD, and the matching </xmp> terminator is appended by the serializer rather than accepted from the raw text.

Validation

• vendor/bin/phpunit --group html-api --filter 'test_xmp_contents_are_not_escaped|test_replaces_null_bytes_appropriately' -> OK, 10 tests, 11 assertions
• vendor/bin/phpunit --group html-api --filter Tests_HtmlApi_WpHtmlProcessor_Serialize -> OK, 87 tests, 161 assertions
• vendor/bin/phpcs src/wp-includes/html-api/class-wp-html-processor.php tests/phpunit/tests/html-api/wpHtmlProcessor-serialize.php -> OK

[github-actions]

The following accounts have interacted with this PR and/or linked issues. I will continue to update these lists as activity occurs. You can also manually ask me to refresh this list by adding the props-bot label.

Core Committers: Use this line as a base for the props when committing in SVN:

Props jonsurrell.

To understand the WordPress project's expectations around crediting contributors, please review the Contributor Attribution page in the Core Handbook.