diff --git a/src/aphront/AphrontRequest.php b/src/aphront/AphrontRequest.php
index 68c0c16b16..1d940c32d1 100644
--- a/src/aphront/AphrontRequest.php
+++ b/src/aphront/AphrontRequest.php
@@ -199,15 +199,7 @@ final class AphrontRequest {
 // No token in the request, check the HTTP header which is added for Ajax
 // requests.
 if (empty($token)) {
-
- // PHP mangles HTTP headers by uppercasing them and replacing hyphens with
- // underscores, then prepending 'HTTP_'.
- $php_index = self::getCSRFHeaderName();
- $php_index = strtoupper($php_index);
- $php_index = str_replace('-', '_', $php_index);
- $php_index = 'HTTP_'.$php_index;
-
- $token = idx($_SERVER, $php_index);
+ $token = self::getHTTPHeader(self::getCSRFHeaderName());
 }
 $valid = $this->getUser()->validateCSRFToken($token);
@@ -430,4 +422,14 @@ final class AphrontRequest {
 }
+ public static function getHTTPHeader($name, $default = null) {
+ // PHP mangles HTTP headers by uppercasing them and replacing hyphens with
+ // underscores, then prepending 'HTTP_'.
+ $php_index = strtoupper($name);
+ $php_index = str_replace('-', '_', $php_index);
+ $php_index = 'HTTP_'.$php_index;
+
+ return idx($_SERVER, $php_index, $default);
+ }
+
 }
diff --git a/src/aphront/console/plugin/xhprof/DarkConsoleXHProfPluginAPI.php b/src/aphront/console/plugin/xhprof/DarkConsoleXHProfPluginAPI.php
index 2eadc39068..e2f9cad21d 100644
--- a/src/aphront/console/plugin/xhprof/DarkConsoleXHProfPluginAPI.php
+++ b/src/aphront/console/plugin/xhprof/DarkConsoleXHProfPluginAPI.php
@@ -22,12 +22,9 @@ final class DarkConsoleXHProfPluginAPI {
 return $_REQUEST['__profile__'];
 }
- $header = self::getProfilerHeader();
- $header = strtoupper($header);
- $header = str_replace('-', '_', $header);
- $header = 'HTTP_'.$header;
- if (!empty($_SERVER[$header])) {
- return $_SERVER[$header];
+ $header = AphrontRequest::getHTTPHeader(self::getProfilerHeader());
+ if ($header) {
+ return $header;
 }
 static $profilerRequested = null;
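Review bot: In src/aphront/AphrontRequest.php (hunk at -430), the new getHTTPHeader() always prepends 'HTTP_', so it cannot find Content-Type or Content-Length, which CGI-style SAPIs expose as CONTENT_TYPE and CONTENT_LENGTH without the prefix; a caller asking for either would silently receive $default. The method also has no docblock, and since it is now the shared read path for request headers (including the CSRF header in the first hunk), it should state that every value it returns is supplied by the client. The docblock should also say that, because of the mangling, a hyphenated name and its underscored spelling can resolve to the same `$_SERVER` key. A sketch of the prefix handling follows.

```php
  public static function getHTTPHeader($name, $default = null) {
    // … unchanged: uppercase the name and replace hyphens with underscores …

    // CGI-style SAPIs expose these two headers without the 'HTTP_' prefix.
    $unprefixed = array(
      'CONTENT_TYPE' => true,
      'CONTENT_LENGTH' => true,
    );
    if (empty($unprefixed[$php_index])) {
      $php_index = 'HTTP_'.$php_index;
    }

    return idx($_SERVER, $php_index, $default);
```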
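Review bot: In DarkConsoleXHProfPluginAPI.php, `$header` now holds the header's value rather than its name, which reads oddly in `if ($header) { return $header; }`; naming it for what is returned, for example `$profile = AphrontRequest::getHTTPHeader(self::getProfilerHeader());`, would be clearer. The enclosing method starts and ends outside the hunk, so it is not visible here whether anything restricts who may turn profiling on through this header or through `__profile__`; that is worth confirming and recording in a comment next to these returns.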
diff --git a/src/applications/config/check/PhabricatorSetupCheckBaseURI.php b/src/applications/config/check/PhabricatorSetupCheckBaseURI.php
index 83c6fb2624..1ad78a6172 100644
--- a/src/applications/config/check/PhabricatorSetupCheckBaseURI.php
+++ b/src/applications/config/check/PhabricatorSetupCheckBaseURI.php
@@ -5,7 +5,7 @@ final class PhabricatorSetupCheckBaseURI extends PhabricatorSetupCheck {
 protected function executeChecks() {
 $base_uri = PhabricatorEnv::getEnvConfig('phabricator.base-uri');
- if (strpos($_SERVER['HTTP_HOST'], '.') === false) {
+ if (strpos(AphrontRequest::getHTTPHeader('Host'), '.') === false) {
 $summary = pht(
 'The domain does not contain a dot. This is necessary for some web '.
 'browsers to be able to set cookies.');
diff --git a/src/applications/people/storage/PhabricatorUserLog.php b/src/applications/people/storage/PhabricatorUserLog.php
index 9887f26911..20c35bbdec 100644
--- a/src/applications/people/storage/PhabricatorUserLog.php
+++ b/src/applications/people/storage/PhabricatorUserLog.php
@@ -75,7 +75,7 @@ final class PhabricatorUserLog extends PhabricatorUserDAO {
 $this->setSession(idx($_COOKIE, 'phsid'));
 }
 $this->details['host'] = php_uname('n');
- $this->details['user_agent'] = idx($_SERVER, 'HTTP_USER_AGENT');
+ $this->details['user_agent'] = AphrontRequest::getHTTPHeader('User-Agent');
 return parent::save();
 }
diff --git a/src/infrastructure/celerity/CelerityResourceController.php b/src/infrastructure/celerity/CelerityResourceController.php
index b3cb96f3bb..8c72134875 100644
--- a/src/infrastructure/celerity/CelerityResourceController.php
+++ b/src/infrastructure/celerity/CelerityResourceController.php
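Review bot: In PhabricatorSetupCheckBaseURI.php, `AphrontRequest::getHTTPHeader('Host')` returns null when the request carries no Host header, and that null is passed straight to `strpos()`. Passing an explicit default keeps the argument a string: `if (strpos(AphrontRequest::getHTTPHeader('Host', ''), '.') === false) {`. Even then a missing header is reported as a domain without a dot, so a separate branch is needed if that distinction matters. Host is supplied by the client, not read from `phabricator.base-uri`, and a one-line comment saying so would help readers of this check. executeChecks() continues past the end of the hunk.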
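Review bot: In PhabricatorUserLog.php, `details['user_agent']` is filled directly from the client's User-Agent header and saved with the log row, with no bound on its length or content. save() begins outside the hunk and how `details` is serialized and later displayed is not visible, so this is a request to confirm. The value should be escaped wherever the log is rendered, and a length cap before storage would stop a single request from bloating the record. A comment on this line such as `// Client-controlled; escape on display.` would record the assumption.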
@@ -34,7 +34,7 @@ abstract class CelerityResourceController extends PhabricatorController {
 throw new Exception("Only static resources may be served.");
 }
- if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) &&
+ if (AphrontRequest::getHTTPHeader('If-Modified-Since') &&
 !PhabricatorEnv::getEnvConfig('phabricator.developer-mode')) {
 // Return a "304 Not Modified". We don't care about the value of this
 // field since we never change what resource is served by a given URI.
diff --git a/src/view/page/PhabricatorStandardPageView.php b/src/view/page/PhabricatorStandardPageView.php
index b0ec7a1642..ea9cc314da 100644
--- a/src/view/page/PhabricatorStandardPageView.php
+++ b/src/view/page/PhabricatorStandardPageView.php
@@ -367,7 +367,7 @@ final class PhabricatorStandardPageView extends PhabricatorBarePageView {
 $classes[] = 'phabricator-chromeless-page';
 }
- $agent = idx($_SERVER, 'HTTP_USER_AGENT');
+ $agent = AphrontRequest::getHTTPHeader('User-Agent');
 // Try to guess the device resolution based on UA strings to avoid a flash
 // of incorrectly-styled content.
diff --git a/webroot/index.php b/webroot/index.php
index 774ad58d7a..38e776f241 100644
--- a/webroot/index.php
+++ b/webroot/index.php
@@ -15,7 +15,7 @@ try {
 PhabricatorStartup::setGlobal('log.access', $access_log);
 $access_log->setData(
 array(
- 'R' => idx($_SERVER, 'HTTP_REFERER', '-'),
+ 'R' => AphrontRequest::getHTTPHeader('Referer', '-'),
 'r' => idx($_SERVER, 'REMOTE_ADDR', '-'),
 'M' => idx($_SERVER, 'REQUEST_METHOD', '-'),
 ));
@@ -34,7 +34,7 @@ try {
 return;
 }
- $host = $_SERVER['HTTP_HOST'];
+ $host = AphrontRequest::getHTTPHeader('Host');
 $path = $_REQUEST['__path__'];
 switch ($host) {
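Review bot: In CelerityResourceController.php, replacing `isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])` with a truthiness test on `getHTTPHeader('If-Modified-Since')` changes the condition from "header present" to "header present, non-empty and not the string 0". The comment just below says the value is irrelevant, so a presence test states the intent more exactly and keeps the old behaviour: `if (AphrontRequest::getHTTPHeader('If-Modified-Since') !== null &&`. The enclosing method starts and ends outside the hunk.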