From c3a535c987b680f1c715c42a41f061a4f8c9df86 Mon Sep 17 00:00:00 2001
From: Tyler <tyler@tylerhoang.xyz>
Date: Sun, 17 May 2026 00:33:23 -0700
Subject: Fix quotetable row click: use data-sym + event delegation

Replaced inline onclick with escaped string literals with the same
data-sym / closest(tr[data-sym]) event delegation pattern used by the
working sidebar watchlist. Avoids JS string quoting issues in HTML
attribute context.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 components/quotetable.py | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/components/quotetable.py b/components/quotetable.py
index e85c335..e975a67 100644
--- a/components/quotetable.py
+++ b/components/quotetable.py
@@ -64,7 +64,7 @@ def render_quotetable(watchlist: list[str]) -> None:
                 vol_str = "—"
 
             rows_html += (
-                "<tr class='qt-row' onclick='selectQtTicker(\"" + sym_e + "\")'>"
+                "<tr class='qt-row' data-sym='" + sym_e + "'>"
                 "<td class='lbl'>" + sym_e + "</td>"
                 "<td class='sec'>" + sector_e + "</td>"
                 "<td class='r'>" + px_str + "</td>"
@@ -76,7 +76,7 @@ def render_quotetable(watchlist: list[str]) -> None:
         except Exception:
             sym_e = escape_html(sym)
             rows_html += (
-                "<tr class='qt-row' onclick='selectQtTicker(\"" + sym_e + "\")'>"
+                "<tr class='qt-row' data-sym='" + sym_e + "'>"
                 "<td class='lbl'>" + sym_e + "</td>"
                 "<td class='sec'>—</td>"
                 "<td class='r'>—</td>"
@@ -148,7 +148,10 @@ def render_quotetable(watchlist: list[str]) -> None:
         "</table>"
         "</div>"
         "<script>"
-        "function selectQtTicker(sym) {"
+        "document.addEventListener('click', function(e) {"
+        "  var row = e.target.closest('tr[data-sym]');"
+        "  if (!row) return;"
+        "  var sym = row.dataset.sym;"
         "  try {"
         "    var inputs = window.parent.document.querySelectorAll('input[type=text]');"
         "    var target = null;"
@@ -162,7 +165,7 @@ def render_quotetable(watchlist: list[str]) -> None:
         "    setter.call(target, sym);"
         "    target.dispatchEvent(new window.parent.Event('input', { bubbles: true }));"
         "  } catch(e) { console.warn('quotetable click failed', e); }"
-        "}"
+        "});"
         "</script>"
     )
 
-- 
cgit v1.3-2-g0d8e