As made clear by the CSP spec, browser bookmarklets shouldn't be affected by CSP. [..]

But, none of the browsers get this correct. All cause CSP violations and prevent the bookmarklet from functioning.

Though its highly discouraged, you can disable CSP in Firefox as a temporary workaround. Open up about:config and set security.csp.enable to false.

Finally I can bookmark github.com pages though my Firefox bookmarklets again. Wasn't aware that CSP was the culprit... #firefox #bookmarklet #csp