I mean is there any manual way to add those default access control headers to cors response?

You can write a plugin to add those headers for every response. Here is an example:

val plugin = createApplicationPlugin("plugin") {
    onCall { call ->
        if (call.request.httpMethod == HttpMethod.Options) {
            call.response.headers.append("Access-Control-Allow-Methods", "GET, POST")
        }
    }
}