Found a Taiwan ebook store, managed to make a purchase. It mentioned PDF when purchase but it requires you to either use their web or their mobile app to read.

Then guess what? The JS code for web is raw js. I mean, when almost everyone is using something like typescript and framework, I would never expect something so simple like this would work.

Hijack the code for displaying the image and grab the content. So everytime I read a page, it gets downloaded to my computer.

I would say it's "fair use". In the worse case I can inject my own SSL cert into the system and grab the content anyway. Unless the image data is encrypted and need some js code to decrypt on the client side.