Custom Headers - Content Security Policy

As a component of our enterprise plan, we gain the capability to incorporate custom security headers.

One specific header we aim to deploy is the Content Security Policy, however, this policy demands iterative testing to safeguard consistent functionality post-implementation.

As part of this enterprise plan we’re on, is there a method to establish a staging or testing website, that replicates our Production site, which would allow us to deploy this custom security header, test the functionality, and subsequently then introduce the policy to the live production environment?