How to add global custom headers?

Hey there, I am looking to add a request header of Content-Security-Policy-Report-Only and Content-Security-Policy across the site in preparation for an upcoming security scan. In looking at the XDN documentation, I see we can add at a route level. Is there any way to define global headers to the build?

Thanks

See https://developer.moovweb.com/guides/security#section_content_security_policy__csp_

You can easily add CSP headers to your site via a catch-all route near the top of your router.

To enforce a content security policy:

new Router().match('/:path*', ({ setResponseHeader }) => {
  setResponseHeader(
    'Content-Security-Policy',
    "default-src 'self'; report-uri http://reportcollector.example.com/collector.cgi",
  )
})

To enable a content security policy in report-only mode:

new Router().match('/:path*', ({ setResponseHeader }) => {
  setResponseHeader(
    'Content-Security-Policy-Report-Only',
    "default-src 'self'"
  )
})