Injecting markup into someone else's website isn't what I'd call too strict a default configuration
If you mean to convey that it's possible to configure it to filter properly, let me introduce you to `textContent` which is older than Firefox (I'm struggling to find a date it's so old)
That's the whole point of the setHTML.
How would I set a header level using textContent?
The traditional way: separating data and code
If you allow <h1> in the setHTML configuration or use the default, users with the tag in their username also always get it rendered as markupIt sounds like you're arguing against a specific usecase, rather than the technology itself. If you don't want arbitrary markup in usernames, setHTML would absolutely be the wrong choice, but that's not really a good argument against setHTML.
Which is why you only use it where you want to allow some kind of html..?