Description
When using `flask_wtf.file.FileAllowed` to validate that a file has the correct file extension, a file named `'.ext'` is seen as having the correct file extension. For me this behavior was a little unexpected and I was wondering if this is intentional/correct.
- on the one hand it does end with `.ext` so it is valid
- on the other hand is this actually the file extension or the filename e.g. like a hidden file without an extension?

`os.path.splitext('.ext')` returns `('.ext', '')` so it treats it as the filename, not the extension. Would it be consistent/more correct to replace the `.endswith` here with a comparison to `os.path.splitext()[1]`?
https://github.com/wtforms/flask-wtf/blob/6d2fcde659041aa7579cbb51ce4f329d88442716/src/flask_wtf/file.py#L84
a fix could be something like this maybe?:
https://github.com/theendlessriver13/flask-wtf/blob/741aa2ed138e3b821b364b41496d4af91aec1e9b/src/flask_wtf/file.py#L84-L87
Any thoughts on this? I think an (explicit) workaround would be to add a separate custom validator checking the filename itself?
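Added example (not part of the original issue and not flask-wtf's own code): a stdlib-only comparison of the suffix check described above, the proposed `os.path.splitext()[1]` comparison, and a filename-checking workaround. The function names, the allowed list and the sample filenames are constructed for illustration; the `tar.gz` case goes beyond the issue to show where the two approaches also diverge on multi-part extensions.

```python
import os

# Constructed inputs for illustration; not taken from the issue.
ALLOWED = ("jpg", "tar.gz")
SAMPLES = [".jpg", "photo.jpg", "photo.JPG", "archive.tar.gz",
           ".tar.gz", "notes.jpg.txt", "jpg"]


def allowed_by_endswith(filename, allowed):
    """Suffix check modelled on the behaviour the issue describes."""
    name = filename.lower()
    return any(name.endswith("." + ext) for ext in allowed)


def allowed_by_splitext(filename, allowed):
    """Compare only the final extension, as the issue proposes."""
    ext = os.path.splitext(filename.lower())[1]  # '' for dotfiles like '.jpg'
    return ext != "" and ext[1:] in allowed


def allowed_with_stem(filename, allowed):
    """Workaround: suffix match plus a non-empty name before the suffix."""
    name = os.path.basename(filename).lower()
    for ext in allowed:
        suffix = "." + ext
        # Whatever precedes the matched suffix must contain more than dots.
        if name.endswith(suffix) and name[: -len(suffix)].strip("."):
            return True
    return False


def compare(filenames, allowed):
    """Map each filename to (endswith, splitext, with_stem) verdicts."""
    return {
        f: (allowed_by_endswith(f, allowed),
            allowed_by_splitext(f, allowed),
            allowed_with_stem(f, allowed))
        for f in filenames
    }


if __name__ == "__main__":
    for name, verdicts in compare(SAMPLES, ALLOWED).items():
        print(f"{name!r:18} endswith={verdicts[0]!s:5} "
              f"splitext={verdicts[1]!s:5} with_stem={verdicts[2]}")
```

The `splitext` comparison rejects the bare dotfile but also rejects `archive.tar.gz` when `tar.gz` is the allowed extension, while the stem check keeps multi-part extensions and still rejects names that consist only of the extension.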