Check calls to +render()+ for dangerous values
Check if path to action or file is determined dynamically
[Validate]