diff --git a/README.md b/README.md index dc62e42..938e2d8 100644 --- a/README.md +++ b/README.md @@ -154,18 +154,23 @@ composer install addNeverAllowedOnEventsAfterwards addNeverAllowedRegex addNeverAllowedStrAfterwards -isXssFound +addNaughtyJavascriptPatterns +isXssFound removeDoNotCloseHtmlTags removeEvilAttributes -removeEvilHtmlTags -removeNeverAllowedCallStrings +removeEvilHtmlTags +removeNeverAllowedCallStrings removeNeverAllowedJsCallbackRegex removeNeverAllowedOnEventsAfterwards -removeNeverAllowedRegex -removeNeverAllowedStrAfterwards +removeNeverAllowedRegex +removeNeverAllowedStrAfterwards setReplacement setStripe4byteChars -xss_clean +xss_clean + + + + ## addDoNotCloseHtmlTags(string[] $strings): $this @@ -264,6 +269,18 @@ Add some strings to the "_never_allowed_str_afterwards"-array. -------- +## addNaughtyJavascriptPatterns(string[] $strings): $this + +Add some strings to the "_naughty_javascript_patterns"-array. + +**Parameters:** +- `string[] $strings` + +**Return:** +- `$this` + +-------- + ## isXssFound(): bool|null Check if the "AntiXSS->xss_clean()"-method found an XSS attack in the last run. diff --git a/src/voku/helper/AntiXSS.php b/src/voku/helper/AntiXSS.php index 650ec3b..ce2cbfe 100644 --- a/src/voku/helper/AntiXSS.php +++ b/src/voku/helper/AntiXSS.php @@ -407,6 +407,31 @@ final class AntiXSS 'xml', ]; + /** + * @var string[] + */ + private $_naughty_javascript_patterns = [ + 'alert', + 'prompt', + 'confirm', + 'cmd', + 'passthru', + 'eval', + 'exec', + 'execScript', + 'setTimeout', + 'setInterval', + 'setImmediate', + 'expression', + 'system', + 'fopen', + 'fsockopen', + 'file', + 'file_get_contents', + 'readfile', + 'unlink', + ]; + /** * @var string */ 
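Review bot: The new `_naughty_javascript_patterns` property is documented only as `@var string[]`, yet its entries carry a contract that callers of the new addNaughtyJavascriptPatterns() need to know: each one is first looked up with `\strpos()` as a literal substring in _sanitize_naughty_javascript(), and then, as far as the garbled replacement line in the `@@ -1757` hunk shows, joined into the `preg_replace()` alternation unescaped. Suggest extending the docblock: `@var string[] Plain function-name tokens (no regex metacharacters); each is matched with strpos() and then interpolated into the preg_replace() alternation in _sanitize_naughty_javascript()`. That makes the constraint visible to anyone extending the list at runtime.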
@@ -1724,30 +1749,8 @@ private function _sanitize_naughty_html_callback($matches) private function _sanitize_naughty_javascript($str) { if (\strpos($str, '(') !== false) { - $patterns = [ - 'alert', - 'prompt', - 'confirm', - 'cmd', - 'passthru', - 'eval', - 'exec', - 'execScript', - 'setTimeout', - 'setInterval', - 'setImmediate', - 'expression', - 'system', - 'fopen', - 'fsockopen', - 'file', - 'file_get_contents', - 'readfile', - 'unlink', - ]; - $found = false; - foreach ($patterns as $pattern) { + foreach ($this->_naughty_javascript_patterns as $pattern) { if (\strpos($str, $pattern) !== false) { $found = true; @@ -1757,7 +1760,7 @@ private function _sanitize_naughty_javascript($str) if ($found === true) { $str = (string) \preg_replace( - '#(?_naughty_javascript_patterns) . ')(\s*)\((.*)\)#uisU', '\\1\\2(\\3)', $str ); @@ -2002,6 +2005,27 @@ public function removeDoNotCloseHtmlTags(array $strings): self return $this; } + /** + * Add some strings to the "_naughty_javascript_patterns"-array. + * + * @param string[] $strings + * + * @return $this + */ + public function addNaughtyJavascriptPatterns(array $strings): self + { + if ($strings === []) { + return $this; + } + + $this->_naughty_javascript_patterns = \array_merge( + $strings, + $this->_naughty_javascript_patterns + ); + + return $this; + } + /** * Check if the "AntiXSS->xss_clean()"-method found an XSS attack in the last run. *
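Review bot: The rewritten `foreach` at the top of the hunk still gates the regex on `\strpos($str, $pattern) !== false`, which is case-sensitive, while the `preg_replace()` in the next hunk runs with the `i` modifier, so the pre-check is narrower than the pattern it guards — unless the input has already been lower-cased earlier in xss_clean(), which is outside this hunk. If the loop is only meant as a cheap short-circuit, `if (\stripos($str, $pattern) !== false) {` keeps it consistent with the regex it protects. `_sanitize_naughty_javascript()` continues past the end of the hunk.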
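Review bot: The replaced regex line concatenates the `_naughty_javascript_patterns` entries into the alternation as-is (its `+` side is garbled in this rendering, so this is read from the surviving `. ')(\s*)\((.*)\)#uisU'` tail), and now that addNaughtyJavascriptPatterns() in the `@@ -2002` hunk lets callers extend that list, an entry containing `#`, `(`, `|` or `.` changes the meaning of the pattern or makes it fail to compile. Escape each entry when building the alternation: `\implode('|', \array_map(static function ($p) { return \preg_quote($p, '#'); }, $this->_naughty_javascript_patterns))`. Related: the surrounding `$str = (string) \preg_replace(` turns a compile failure (`null` return) into an empty string, so one bad entry would silently blank the sanitized output; keep `$str` unchanged and check `\preg_last_error()` when the result is `null`. The enclosing function starts and ends outside this hunk.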
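Review bot: `addNaughtyJavascriptPatterns()` has no `remove…` counterpart, although every other list this class exposes in the README index comes as a pair (`addNeverAllowedRegex`/`removeNeverAllowedRegex`, `addDoNotCloseHtmlTags`/`removeDoNotCloseHtmlTags`, `addNeverAllowedStrAfterwards`/`removeNeverAllowedStrAfterwards`), so a caller can grow the default list but never drop a default such as `file` or `expression` that is too broad for their content. Also, `\array_merge($strings, $this->_naughty_javascript_patterns)` keeps duplicates, so repeated calls make the alternation grow; `$this->_naughty_javascript_patterns = \array_values(\array_unique(\array_merge($strings, $this->_naughty_javascript_patterns)));` avoids that, and a check that every element is a string would keep `\strpos()` in _sanitize_naughty_javascript() from receiving a non-string.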