如果您不测试标头本身，我认为您不应该依赖标头，您应该存根检查 HTTP_AUTORIZATION 是否存在的方法，并且使它对所有规范都返回 true，除了测试特定标题的规范

I don't think you should depend on the header if you are not testing the header itself, you should stub the method that checks if the HTTP_AUTORIZATION is present and make it return true for all specs except the spec that tests that particular header

类似...在控制器上

Controller...
  before_filter :require_http_autorization_token

  methods....

  protected
  def require_http_autorization_token
    something
  end

在规范上

before(:each) do
  controller.stub!(:require_http_autorization_token => true)
end

describe 'GET user' do
  it 'returns something' do
    #call the action without the auth token
  end

  it 'requires an http_autorization_token' do
    controller.unstub(:require_http_autorization_token)
    #test that the actions require that token
  end
end

这样人们就可以忘记令牌并测试您真正想要测试的内容

that way one can forget the token and test what you really want to test