diff --git a/app/controllers/my_profile/consumed_products_controller.rb b/app/controllers/my_profile/consumed_products_controller.rb
index 0273b95..4652cfc 100644
--- a/app/controllers/my_profile/consumed_products_controller.rb
+++ b/app/controllers/my_profile/consumed_products_controller.rb
@@ -27,7 +27,17 @@ class ConsumedProductsController < ApplicationController
     else
       flash[:notice] = _('Could not remove the product')
     end
-      redirect_back_or_default :action => 'index'
+    redirect_back_or_default :action => 'index'
+  end
+
+  private
+  
+  require 'erb'
+  include ERB::Util
+  def sanitize
+    if params[:consumption]
+      params[:consumption][:aditional_specifications] = html_escape(params[:consumption][:aditional_specifications]) if params[:consumption][:aditional_specifications]
+    end
   end
 
 end
diff --git a/app/views/consumed_products/new.rhtml b/app/views/consumed_products/new.rhtml
index d251b9c..d3131d2 100644
--- a/app/views/consumed_products/new.rhtml
+++ b/app/views/consumed_products/new.rhtml
@@ -1,4 +1,4 @@
-<h2> <%= _('Add product') %> </h2>
+<h2><%= _('Add product') %></h2>
 
 <%= error_messages_for :consumption  %>
 
diff --git a/test/functional/consumed_products_controller_test.rb b/test/functional/consumed_products_controller_test.rb
index d7e76fb..6afed4c 100644
--- a/test/functional/consumed_products_controller_test.rb
+++ b/test/functional/consumed_products_controller_test.rb
@@ -5,14 +5,55 @@ require 'consumed_products_controller'
 class ConsumedProductsController; def rescue_action(e) raise e end; end
 
 class ConsumedProductsControllerTest < Test::Unit::TestCase
+
+  all_fixtures
+
   def setup
     @controller = ConsumedProductsController.new
     @request    = ActionController::TestRequest.new
     @response   = ActionController::TestResponse.new
+
+    @profile = create_user('testinguser').person
+  end
+  attr_reader :profile
+
+  should 'display new form' do
+    login_as(profile.identifier)
+    get :new, :profile => profile.identifier
+    assert_tag :tag => 'h2', :content => 'Add product'
+  end
+
+  should 'create product' do
+    login_as(profile.identifier)
+    product_category = ProductCategory.create!(:name => 'Food', :environment => Environment.default)
+    assert_difference Consumption, :count do
+      post :new, :profile => profile.identifier, :consumption => { :product_category_id => product_category.id }
+    end
+  end
+
+  should 'display list of products' do
+    login_as(profile.identifier)
+    product_category = ProductCategory.create!(:name => 'Food', :environment => Environment.default)
+    profile.consumptions.create!(:product_category_id => product_category.id, :aditional_specifications => 'extra info')
+    get :index, :profile => profile.identifier
+    assert_tag :tag => 'pre', :content => 'extra info'
+  end
+
+  should 'filter html from specifications' do
+    login_as(profile.identifier)
+    product_category = ProductCategory.create!(:name => 'Food', :environment => Environment.default)
+    post :new, :profile => profile.identifier,
+      :consumption => { :product_category_id => product_category.id, :aditional_specifications => 'extra <b>info</b>' }
+    assert_not_equal assigns(:consumption).aditional_specifications, 'extra <b>info</b>'
   end
 
-  # Replace this with your real tests.
-  def test_truth
-    assert true
+  should 'destroy product' do
+    login_as(profile.identifier)
+    product_category = ProductCategory.create!(:name => 'Food', :environment => Environment.default)
+    product = profile.consumptions.create!(:product_category_id => product_category.id, :aditional_specifications => 'extra info')
+    assert_difference Consumption, :count, -1 do
+      post :destroy, :profile => profile.identifier, :id => product.id
+    end
   end
+  
 end
--
libgit2 0.21.2