While preparing to answer this I realised I wasn't sure either, but I think it goes like this:
Browser generates a random temporary (symmetric) encryption key, encrypts it using the server's certificate (which is its public key) and sends this as part of its request to the server.
Server decrypts the browser's key with private key that only it has, and uses it to encrypt and decrypt everything from there on.
MitM can't communicate back to the browser because they can't decrypt and use the key that the browser is expecting them to use.
(Well they could try, but you'll know they're at it if there's an unusually large fruit-machine in the corner with "D-Wave" written on the side lol).
That was sort of an exercise to self, in case you couldn't guess ;)