CSRF origin check fail

[hall500]

This line seems to be the problem with the csrf check not working not sure why though.
// Check if session token matches form token
if ( $origin[ $key ] != $hash )
if($throwException)
throw new Exception( 'Invalid CSRF token.' );
else
return false;

[hall500]

I think removing this line should enable it work fine. For some reason the origin key and hash don't seem to be similar.