Interesting, I don't use Firefox enough to have noticed this. Would it be possible to whitelist this functionality in your CSP in the short term without adversely affecting the strength of your policy?
Idlewords runs Pinboard, a bookmarking site, so I'm guessing he's worried about the impact of other people turning on CSP. I don't use Pinboard, but I believe I've encountered the problem using the Instapaper bookmarklet.