diff --git a/code/app.py b/code/app.py
index ee98d06..49248c2 100644
--- a/code/app.py
+++ b/code/app.py
@@ -186,6 +186,8 @@ def upload_url():
     if request.method == 'POST':
         name = request.form['name']
         url = request.form['url']
+        if url == "https://...":
+            return "", 200
         if not is_valid_url(url):
             return "URL not valid", 400
         (ok,share) = get_share(name)
@@ -200,7 +202,7 @@ def upload_url():
         filename = os.path.join(
             share['path'],
             secure_filename(
-                os.path.basename(url)
+                safe_string(url, ".[]()- ", no_repeat = True)
             )
         )
         if os.path.exists(filename):
diff --git a/code/docker-requirements.txt b/code/docker-requirements.txt
index d555b2e..5a5def8 100644
--- a/code/docker-requirements.txt
+++ b/code/docker-requirements.txt
@@ -1,3 +1,4 @@
 flask
 gunicorn
 pycrypto
+requests
diff --git a/code/utils/utils.py b/code/utils/utils.py
index 877d297..7340672 100644
--- a/code/utils/utils.py
+++ b/code/utils/utils.py
@@ -1,23 +1,24 @@
 import os
 from datetime import datetime
 from flask import current_app as app
+import requests
+import re
 try:
     from urllib.request import pathname2url
-    from urllib.request import URLopener
     from urllib.request import urlparse
-    from urllib.error import HTTPError
 except ImportError:
     from urllib import pathname2url
-    from urllib import URLopener
     from urlparse import urlparse
-    from urllib2 import HTTPError
 
 
-def download_url(url,filename):
-    downloader = URLopener()
+def download_url(url, filename):
     try:
-        downloader.retrieve(url, filename)
-    except HTTPError as e:
+        r = requests.get(url, stream=True)
+        with open(filename, 'wb') as f:
+            for chunk in r.iter_content(chunk_size=1024 * 1024):
+                if chunk: # filter out keep-alive new chunks
+                    f.write(chunk)
+    except requests.exceptions.RequestException as e:
         return (False, ("%s %s"%(e.code,e.reason), e.code))
     return (True, ("OK", 200 ))
 
@@ -144,6 +145,9 @@ def safe_path(s):
     return safe_string(s, "-_/")
 
 
-def safe_string(s, valid):
+def safe_string(s, valid, no_repeat = False):
     """ return a safe string, replace non alnum characters with _ . all characters in valid are considered valid. """
-    return "".join([c if c.isalnum() or c in valid else "_" for c in s])
+    safe = "".join([c if c.isalnum() or c in valid else "_" for c in s])
+    if no_repeat:
+        safe = re.sub(r'_+', '_', safe)
+    return safe