fix(runtime-vapor): setting innerHTML should go through trusted types (#13825)

Author: edison1105

packages/runtime-dom/src/index.ts

@@ -348,3 +348,7 @@ export {
   vModelSelectInit,
   vModelSetSelected,
 } from './directives/vModel'
+/**
+ * @internal
+ */
+export { unsafeToTrustedHTML } from './nodeOps'

packages/runtime-vapor/src/dom/prop.ts

@@ -14,6 +14,7 @@ import {
   mergeProps,
   patchStyle,
   shouldSetAsProp,
+  unsafeToTrustedHTML,
   warn,
 } from '@vue/runtime-dom'
 import {
@@ -197,7 +198,7 @@ export function setElementText(
 }
 
 export function setHtml(el: TargetElement, value: any): void {
-  value = value == null ? '' : value
+  value = value == null ? '' : unsafeToTrustedHTML(value)
   if (el.$html !== value) {
     el.innerHTML = el.$html = value
   }