diff --git a/src/Microsoft.AspNet.Security.Twitter/TwitterAuthenticationHandler.cs b/src/Microsoft.AspNet.Security.Twitter/TwitterAuthenticationHandler.cs
index 7fbb4fbc3a..7eeac5702d 100644
--- a/src/Microsoft.AspNet.Security.Twitter/TwitterAuthenticationHandler.cs
+++ b/src/Microsoft.AspNet.Security.Twitter/TwitterAuthenticationHandler.cs
@@ -104,7 +104,13 @@ namespace Microsoft.AspNet.Security.Twitter
 ClaimsIdentity.DefaultRoleClaimType);
 context.Properties = requestToken.Properties;
- Response.Cookies.Delete(StateCookie);
+ var cookieOptions = new CookieOptions
+ {
+ HttpOnly = true,
+ Secure = Request.IsSecure
+ };
+
+ Response.Cookies.Delete(StateCookie, cookieOptions);
 await Options.Notifications.Authenticated(context);
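Review bot: The `cookieOptions` built just before `Response.Cookies.Delete(StateCookie, cookieOptions)` are a second, hand-written copy of whatever attributes the state cookie is issued with, and the code that writes that cookie is not in this hunk, so nothing here keeps the two in step. If the issuing side later gains a `Path` or `Domain`, the expiring Set-Cookie would presumably stop matching and the request-token state would stay in the browser after sign-in. Consider building the options in one private helper used by both the write and the delete, and add a comment above the block such as `// Keep these in step with the options used when StateCookie is issued.` Separately, `Secure = Request.IsSecure` reflects only the scheme this server saw, so behind a TLS-terminating proxy it may be false; it is worth confirming the issuing side uses the same expression. The enclosing method starts and ends outside the hunk.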