That's why GP wrote MITM, not just network blocking. MITM implies the middlebox is trusted by the browser in which it has installed a certificate, so can see and modify content.