### Steps to reproduce
1. In output name for download, put `/subdirectory/file.txt`
### Expected behaviour
File downloaded to `Downloads/subdirectory/file.txt`
### Actual behaviour
File downloaded to `Downloads/subdirectory_file.txt`
I believe this is issue is caused by the fix implemented in #221. The sanitization should be so it disallows parent directories (which was the security vulnerability) but allow subdirectories.