diff --git a/lookyloo/lookyloo.py b/lookyloo/lookyloo.py
index 1e992639..bb5bcf4e 100644
--- a/lookyloo/lookyloo.py
+++ b/lookyloo/lookyloo.py
@@ -24,6 +24,7 @@ from PIL import Image, UnidentifiedImageError
 from pymisp import MISPAttribute, MISPEvent, MISPObject
 from redis import ConnectionPool, Redis
 from redis.connection import UnixDomainSocketConnection
+from werkzeug.utils import secure_filename
 
 from .capturecache import CaptureCache, CapturesIndex
 from .context import Context
@@ -400,6 +401,9 @@ class Lookyloo():
             elif isinstance(value, (list, dict)):
                 query[key] = json.dumps(value)
 
+        if 'document_name' in query:
+            query['document_name'] = secure_filename(query['document_name'])
+
         # dirty deduplicate
         hash_query = hashlib.sha512(pickle.dumps(query)).hexdigest()
         # FIXME The line below should work, but it doesn't