Okay, so it's (just) for reading the delivered data. Somehow I keep considering MitM a harmful attack (i.e. manipulating the data before it hits the user). My bad :)
Given that you're relying on server-provided JS to verify the integrity of the data in the first place, a MITM could replace the verification function with return(true) and then inject whatever data they want.