This would work and this something that Angular DomSanitizer does [1]. But I personally am not a big fan of this solution as it has large performance penalty if the sanitized string is huge.

[1] https://github.com/angular/angular/blob/2038568f3e631cb15e91...