I took the following bookmarklet from here:
javascript:var a='';
for(var ln=0;ln<document.links.length;ln++)
{var lk=document.links[ln];
a+=ln+': <a href=\''+lk+'\' title=\''+lk.text+'\'>'+lk+'</a><br>\n';
}
w=window.open('','Links','scrollbars,resizable,width=800,height=600');
w.document.write(a)
Why does it not work on the Twitter main site: https://twitter.com/search?q=from%3Abmw%20since%3A2016-07-01%20until%3A2016-07-31&src=typd
It does work perfectly on the mobile site: https://m.twitter.com/search?q=from%3Abmw%20since%3A2016-07-01%20until%3A2016-07-31&src=typd
To use this bookmarklet, drag it to your bookmark bar, then click on it.
It's a CSP (Content Security Policy) problem.
Using CSP, the site gets to decide which scripts are allowed to run. Twitter, GitHub, and a few others disable inline scripts, which renders bookmarklets unusable on their sites.
While the CSP spec allows browsers to bypass such restrictions in order to keep bookmarklets, user scripts etc. functional, it doesn't enforce it. (It used to, but the wording was changed from should to may.) Unfortunately, Firefox doesn't seem to allow this for bookmarklets, and unless you're willing to disable CSP completely (security.csp.enable in about:config), I'm not aware of any setting to get around this. (Extensions will still work.) It works in Chrome, though – that's why @albert couldn't reproduce your problem.
You can try for yourself: Go to Twitter and enter something like javascript:alert('hello') in the address bar. Nothing will happen, and if you open the JS console and enable the security log, you'll see that CSP prevented your script from running.
So, in short: Bookmarklets were sacrificed on the altar of supposed security benefits.
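As an added illustration (not part of the original answer), the sketch below models how a Content-Security-Policy header value decides whether inline script may run, which is the check that stops a bookmarklet when the browser applies the page's policy to it. The function names and the sample policies in the comments are constructed for this example, and the model is simplified: it looks only at script-src with fallback to default-src, and treats 'unsafe-inline' as ignored when a nonce, hash or 'strict-dynamic' is present.

```javascript
// Parse a CSP header value into a Map of directive name -> source list.
function parseCsp(header) {
  const directives = new Map();
  for (const part of header.split(';')) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const name = tokens[0].toLowerCase();
    // The first occurrence of a directive wins; later duplicates are ignored.
    if (!directives.has(name)) directives.set(name, tokens.slice(1));
  }
  return directives;
}

// Return true if the policy lets arbitrary inline script run.
function inlineScriptAllowed(header) {
  const directives = parseCsp(header);
  // script-src governs script execution; default-src is its fallback.
  const sources = directives.get('script-src') ?? directives.get('default-src');
  // No governing directive means the policy does not restrict scripts at all.
  if (sources === undefined) return true;
  const lower = sources.map((s) => s.toLowerCase());
  // A nonce or hash source, or 'strict-dynamic', makes browsers ignore 'unsafe-inline'.
  const hasNonceOrHash = lower.some((s) => /^'(nonce-|sha(256|384|512)-)/.test(s));
  const strictDynamic = lower.includes("'strict-dynamic'");
  return lower.includes("'unsafe-inline'") && !hasNonceOrHash && !strictDynamic;
}

// Constructed sample policies (not any real site's header):
//   "script-src 'self' https://cdn.example"       -> inline blocked
//   "script-src 'self' 'unsafe-inline'"           -> inline allowed
//   "script-src 'unsafe-inline' 'nonce-abc123'"   -> inline blocked (nonce present)
//   "img-src 'self'"                              -> inline allowed (scripts unrestricted)
```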