Why is this a CSP violation? blocked-uri = self when 'self' is explicitly allowed

Question

I cannot wrap my head around the CSP violation report below (sent by FireFox 44.0.2 / Ubuntu). What is really being blocked here and why? It should be noted that it does not matter if I write 'self' or (as gets automatically translated in the report) https://www.example.com into the CSP header. Also, I am not aware of anything missing from the rendered page. So what can I do against it? (Apparently, I should not add reporting in my live site if every page triggers a fake violation report)

{
    "csp-report":{
        "blocked-uri":"self",
        "document-uri":"https://www.example.com/foo/bar/baz.html",
        "original-policy":"report-uri https://reportserver.example.com/ContentSecurityPolicy-report.php; 
            default-src https://www.example.com; 
            style-src https://example.com https://www.example.com https://fonts.googleapis.com; 
            script-src https://www.example.com https://code.jquery.com https://ajax.googleapis.com; 
            font-src https://fonts.gstatic.com",
        "referrer":"https://www.example.com/foo/bar/wtf.html",
        "source-file":"https://www.example.com/foo/bar/baz.html",
        "violated-directive":"style-src https://example.com https://www.example.com https://fonts.googleapis.com"
    }
}

Answer 1

By setting your policy to:

default-src 'self'; style-src example.com www.example.com 'self' https://fonts.googleapis.com 'unsafe-inline'; script-src 'self' https://code.jquery.com https://ajax.googleapis.com; font-src https://fonts.gstatic.com 'self';

I don't see any violations. I added the 'unsafe-inline' to style src, and 'self' to font-src.