htmlSafe Not Safe - strip out html

controllers.application.js

import Ember from 'ember';

export default Ember.Controller.extend({
  appName: 'Ember Twiddle',
  
  string: 'relish',
  
  safeString: Ember.computed('string', function() {
    let string = this.get('string');
    if (string.indexOf('<') > -1) {
			let newString = this.stripOutHtml(string);
      return newString
    } else {
  		return string;
    }
  }),
  count: 0,
  
  stripOutHtml: function(string) {
    let count = this.get('count');
    console.log('string in function =', string);
      
    let start = string.indexOf('<');
    console.log('start', start);
      
    let end = string.indexOf('>');
    console.log('end', end);
      
    let html = string.substr(start, (end-start+1));
    console.log('html =', html);
      
    string = string.replace(html, '');
    console.log('string now =', string);
		if (string.indexOf('<') > -1) {
      console.log('stripAgain', count);
      this.set('count', count+1);
    	this.stripOutHtml(string);
    } else {
      console.log('returnOut', count);
      return string;
    }
  },
  
  actions: {
    loadArbitraryScriptTag() {
      //alert('action fired');
      //this.set('string', "relish<svg witdth='300' height='300' onclick='alert(123);'>");
      this.set('string', "relish <p>traitor</p>");
      //this.set('string', "relish");
    }
  }
});

templates.application.hbs

<h1>Welcome to {{appName}}</h1>
<br>
<br>
{{safeString}}
<br>
<br>
<button {{action "loadArbitraryScriptTag"}}>Button</button>
<br>
<br>

{{outlet}}
<br>
<br>

twiddle.json

{
  "version": "0.13.0",
  "EmberENV": {
    "FEATURES": {}
  },
  "options": {
    "use_pods": false,
    "enable-testing": false
  },
  "dependencies": {
    "jquery": "https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/jquery.js",
    "ember": "2.16.2",
    "ember-template-compiler": "2.16.2",
    "ember-testing": "2.16.2"
  },
  "addons": {
    "ember-data": "2.16.3"
  }
}