Bookmarklets affected by CSP policies
Reported by dante3...@gmail.com, Mar 15 2016
Issue description

UserAgent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0

Steps to reproduce the problem:
Just install a bookmarklet. For example, install http://ffoodd.github.io/a11y.css/ and test it on a website with CSP enabled.
Here is an example: http://csp.nicolas-hoffmann.net/ (see bug https://bugzilla.mozilla.org/show_bug.cgi?id=1195302 to see how this page works, basically, it makes an ajax call to retrieve CSP errors generated).
Use the bookmarklet on it (and refresh, it will display CSP errors).

What is the expected behavior?
Bookmarklet should not generate CSP errors.

What went wrong?
For the a11y.css bookmarklet, if CSP is activated on a website without some rules especially dedicated for it, Firefox triggers CSP errors. For this case, I had to add 'unsafe-inline' to script-src and https://rawgit.com/ to style-src directives.

Did this work before? No

Chrome version: <Copy from: 'ab49.0.2623.87 (Build officiel) m (32 bits)out:version'>
Channel: stable
OS Version: 10.0
Flash Version: Shockwave Flash 21.0 r0
,
Oct 2 2016
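The policy change the reporter describes, as an added example that is not part of the original report or of Chromium: a simplified CSP check showing what a site's policy allows before and after adding 'unsafe-inline' to script-src and https://rawgit.com/ to style-src. The helper names, both policy strings and the stylesheet path are constructed for illustration, and source matching covers only '*', scheme sources and full origins.

```javascript
// Hypothetical helper (added example): policy string -> Map(directive -> sources).
function parseCsp(policy) {
  const directives = new Map();
  for (const part of policy.split(';')) {
    const [rawName, ...sources] = part.trim().split(/\s+/);
    const name = rawName.toLowerCase();
    // A repeated directive is ignored by browsers: the first one wins.
    if (name && !directives.has(name)) directives.set(name, sources);
  }
  return directives;
}

// Source list governing a fetch directive, falling back to default-src.
function effectiveSources(directives, name) {
  return directives.get(name) ?? directives.get('default-src') ?? null;
}

// Inline script is allowed only when 'unsafe-inline' is listed and no nonce
// or hash source is present (CSP Level 2+ ignores 'unsafe-inline' then).
function allowsInlineScript(directives) {
  const sources = effectiveSources(directives, 'script-src');
  if (sources === null) return true; // nothing restricts scripts
  const lower = sources.map((s) => s.toLowerCase());
  const nonceOrHash = lower.some((s) => /^'(nonce-|sha(256|384|512)-)/.test(s));
  return lower.includes("'unsafe-inline'") && !nonceOrHash;
}

// Simplified matching: '*', scheme sources ("https:") and full origins only.
function allowsStyleFrom(directives, url) {
  const sources = effectiveSources(directives, 'style-src');
  if (sources === null) return true;
  const target = new URL(url);
  return sources.some((s) => {
    if (s === '*') return true;
    if (/^[a-z][a-z0-9+.-]*:$/i.test(s)) return s.toLowerCase() === target.protocol;
    try { return new URL(s).origin === target.origin; } catch { return false; }
  });
}

// Constructed policies: a strict one, and the same with the report's additions.
const STRICT = "default-src 'self'; script-src 'self'; style-src 'self'";
const WORKAROUND = "default-src 'self'; script-src 'self' 'unsafe-inline'; " +
  "style-src 'self' https://rawgit.com/";
const STYLE_URL = 'https://rawgit.com/example/a11y.css'; // constructed path

for (const [label, policy] of [['strict', STRICT], ['workaround', WORKAROUND]]) {
  const d = parseCsp(policy);
  console.log(label, { inlineScript: allowsInlineScript(d), rawgitStyle: allowsStyleFrom(d, STYLE_URL) });
}
```

With the workaround policy, `allowsInlineScript` is true for every inline script on the page, not only the bookmarklet's; a policy that also lists a nonce or hash source keeps it false.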
Comment 1 by mea...@chromium.org, Mar 15 2016
Labels: -Restrict-View-SecurityTeam
Mergedinto: 233903
Status: Duplicate (was: Unconfirmed)