diff --git a/isso/views/comments.py b/isso/views/comments.py
index 24a907e..1bec27b 100644
--- a/isso/views/comments.py
+++ b/isso/views/comments.py
@@ -12,6 +12,7 @@ from werkzeug.http import dump_cookie
 from werkzeug.routing import Rule
 from werkzeug.wrappers import Response
 from werkzeug.exceptions import BadRequest, Forbidden, NotFound
+from werkzeug.useragents import UserAgent
 from isso.compat import text_type as str
@@ -44,7 +45,10 @@ def csrf(view):
 def dec(self, environ, request, *args, **kwargs):
- origin = request.headers.get("Origin", "")
+ if UserAgent(environ).browser == "msie": # yup
+ origin = request.headers.get("Referer", "")
+ else:
+ origin = request.headers.get("Origin", "")
 if parse.host(origin) not in map(parse.host, self.conf.getiter("host")):
 raise Forbidden("CSRF")
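Review bot: The header used for the CSRF check in `dec` is chosen by sniffing User-Agent, which ties a security decision to a client-supplied string and to one browser family; any other client that omits Origin still ends up with `origin = ""`. Selecting by presence is simpler and follows the usual Origin-then-Referer verification order: `origin = request.headers.get("Origin") or request.headers.get("Referer", "")`. Either way the check relies on `parse.host("")` never equalling a configured host, so that a request carrying neither header is rejected; `parse.host` is not visible in this hunk, so that is worth pinning with a test. The `# yup` comment should state the reason for the fallback, presumably something like `# IE does not send Origin here; fall back to Referer`. `dec` continues past the end of the hunk.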