diff --git a/Documentation/Release.rst b/Documentation/Release.rst
index 0d0e6e103dd952696286bb1468e53746793e94ba..1e49680f8dc0c76df4be2b43922bdd168ac4442d 100644
--- a/Documentation/Release.rst
+++ b/Documentation/Release.rst
@@ -1,5 +1,5 @@
 .. ==================================================
-.. Header hierachy
+.. Header hierarchy
 .. ==
 ..  --
 ..   ^^
@@ -49,14 +49,17 @@ Features
 
 * #8886 / Check pattern: after focus lost.
 * #9655 / Checkboxes and radios now defined with a min-width in horizontal plain mode.
-* #9617:
+* #9617 / formModeGlobal:
 
- * Two modes now implemented 'requiredOff' and 'requiredOffButMark'.
- * formModeGlobal: renamed skipRequiredCheck to requiredOffButMark .
- * Keep required marks after save.
- * Stop hiding helpblocks per default, set with class qfq-only-active-error.
+ * Two modes of 'formModeGlobal' available: 'requiredOff' and 'requiredOffButMark'.
+ * 'requiredOffButMark':
 
-* Radio: new class 'qfq-disabled' if readonly is set. softer blue. mark disabled - changed hover. text in darker orange. simple-error renamed to qfq-notify - removed box around error.
+   * Renamed temporary 'skipRequiredCheck' to 'requiredOffButMark'.
+   * Keep required marks after save.
+   * Stop hiding helpblocks per default, set with class qfq-only-active-error.
+
+* Radio: new class 'qfq-disabled' if readonly is set. Softer blue. Mark disabled - changed hover. Text in darker orange.
+  Simple-error renamed to qfq-notify - removed box around error.
 * New default class for 'form' tag: 'qfq-notify'.
 * Manual.rst: Add info for 'letter-no-break'.
 * Add validator.js to list of used packages.
@@ -86,21 +89,17 @@ Date: 25.11.2019
 Notes
 ^^^^^
 
-* Fantastic new formModeGlobal=skipRequiredCheck: fill's '{{allRequiredGiven:V}}' before save to 1 (all given) else 0.
+* Enhance formModeGlobal=requiredOff/-ButMark (temporarily skipRequiredCheck): fill's '{{allRequiredGiven:V}}' before
+  save to 1 (all given) else 0.
   Offers user to save form, even if not all required data are given and offers application logic to check easily if all
-  required fields has been fillled.
-
-* formModeGlobal=requiredOff is now deprecated but will still work.
+  required fields has been filled.
 
 Features
 ^^^^^^^^
 
-* #9526 / Mark required fields more visible
+* #9526 / Mark required fields more visible.
 * #9617 / Improve 'formModeGlobal=requiredOff'.
 
-  * New mode name 'skipRequiredCheck'.
-  * 'requiredOff' is replaced by 'skipRequiredCheck' and now deprecated.
-  * Add documentation for 'skipRequiredCheck:S' & 'allRequiredGiven:V'
   * Feature `Form.formModeGlobal` implemented - STORE_SIP overwrites form definition.
   * New STORE_VAR variable 'allRequiredGiven'. Becomes '1' if all required fields are given, else 0.
 
@@ -114,11 +113,11 @@ Bug Fixes
 * #7639 / subrecord drag n drop:
 
  * `orderInterval` has not been respected.
- * Update Manual.rst
+ * Update Manual.rst.
  * Fake STORE_SIP so it can be used during processing sql1.
  * The record, currently loaded into form, is available via STORE_RECORD.
- * Check for id/_id and ord/_ord
- * Throw meaningful exception if missing 'id' or 'ord'
+ * Check for id/_id and ord/_ord.
+ * Throw meaningful exception if missing 'id' or 'ord'.
 
 * Fixes bug that no mime_type_content is called if there is on file.
 * Fix broken regex101 url.
diff --git a/extension/Classes/Core/Report/Link.php b/extension/Classes/Core/Report/Link.php
index 8bc91b4143f527d6137988aedc4c1573ea3dd553..1e6a55203787936d44f0e104222f9b15abc65032 100644
--- a/extension/Classes/Core/Report/Link.php
+++ b/extension/Classes/Core/Report/Link.php
@@ -28,6 +28,7 @@ use IMATHUZH\Qfq\Core\Helper\KeyValueStringParser;
 use IMATHUZH\Qfq\Core\Helper\OnArray;
 use IMATHUZH\Qfq\Core\Helper\Support;
 use IMATHUZH\Qfq\Core\Helper\Token;
+use IMATHUZH\Qfq\Core\Helper\Sanitize;
 use IMATHUZH\Qfq\Core\Store\Sip;
 use IMATHUZH\Qfq\Core\Store\Store;
 
@@ -1525,6 +1526,12 @@ EOF;
      */
     private function buildDownload($vars, $value) {
 
+        // By default, qfq saves everything HTML encoded. E.g. in form '&#39;' - decode them back to regual UTF-8 text.
+        $filename = html_entity_decode($vars[DOWNLOAD_EXPORT_FILENAME], ENT_QUOTES | ENT_XML1, 'UTF-8');
+
+        // Remove unsafe characters.
+        $vars[DOWNLOAD_EXPORT_FILENAME] = Sanitize::safeFilename($filename);
+
         return $vars;
     }
 
diff --git a/javascript/src/QfqForm.js b/javascript/src/QfqForm.js
index cda7095897de0293bdf5a0e40767afb57f0ed4e5..a2edb72315174e804d8e1df59318ee288fe54feb 100644
--- a/javascript/src/QfqForm.js
+++ b/javascript/src/QfqForm.js
@@ -504,8 +504,9 @@ var QfqNS = QfqNS || {};
         }
     };
 
+    /* Dynamic Update Trigger */
     n.QfqForm.prototype.setupFormUpdateHandler = function () {
-        $('input[data-load],select[data-load]').on('change', this.formUpdateHandler.bind(this));
+        $('textarea[data-load],input[data-load],select[data-load]').on('change', this.formUpdateHandler.bind(this));
     };
 
     n.QfqForm.prototype.formUpdateHandler = function () {