fix(many): innerHTML is disabled by default

[liamdebeasi]

Pull request checklist

Please check if your PR fulfills the following requirements:

• Tests for the changes have been added (for bug fixes / features)
• Docs have been reviewed and added / updated if needed (for bug fixes / features)
  • Some docs updates need to be made in the ionic-docs repo, in a separate PR. See the contributing guide for details.
• Build (npm run build) was run locally and any changes were pushed
• Lint (npm run lint) has passed locally and any fixes were made for failures

Pull request type

Please check the type of change your PR introduces:

• Bugfix
• Feature
• Code style update (formatting, renaming)
• Refactoring (no functional changes, no api changes)
• Build related changes
• Documentation content changes
• Other (please describe):

What is the current behavior?

As per the innerHTMLTemplatesEnabled design doc, this flag should default to false on Ionic 7 to de-risk the use of innerHTML functionality in Ionic. This change requires developers to opt-in to dangerously setting innerHTML content inside of Ionic components. As a result of this change (and combined with documentation published on our site), developers should be more informed of the risks of using innerHTML as well as the need for using a reliable sanitizer if they choose to use innerHTML.

What is the new behavior?

• innerHTMLTemplatesEnabled defaults to false.

Does this introduce a breaking change?

• Yes
• No

Other information

[bolt-new-by-stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[lincolnthree]

@brandyscarney @liamdebeasi the typedoc should probably be updated for this in ionic config, too, I think, right?

https://github.com/ionic-team/ionic-framework/blob/v7.0.0-rc.4/core/src/utils/config.ts#L193

[liamdebeasi]

Fixed: #27032