id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
21772	additional context for included templates can override current context	clime7@…	nobody	"Hey, 

here is how:

base.html
{{{
{{ foo }} <!-- outputs ""foo"" as defined in a view -->
{% include evil_snippet.html foo='bar' %}
{{ foo }} <!-- outputs ""bar"" cause the value has been overriden-->
}}}

evil_snippet.html
{{{
{% context_updater %}
}}}

@register.simple_tag(takes_context=True)
def context_updater(context, template):
    context.update({'resistance': 'is futile'}) # adds new context layer that is not accounted for
"	Bug	new	Template system	1.6	Normal				Accepted	0	0	0	0	0	0