allowedFields isn't being respected.

[dpnova]

Here's an example PR that shouldn't exist: https://github.com/enhancedsociety/website/pull/13

It looks like here, it's allowing the fields if they are empty. https://github.com/eduardoboucas/staticman/blob/44f95c6c0957099e3deb8f0ea7f51612be91b5d3/lib/Staticman.js#L391

We are trying to use them as a honeypot to filter spam, but allowing the empty string through breaks that idea.